The SOC Puzzle: Where Does Threat Hunting Fit? | 2020 Threat Hunting & Incident Response Summit

Threat hunters, incident responders, malware analysts, and detection engineers are all pieces that come together to form a fully functional Security Operations Center (SOC). If employed correctly, threat hunters are the linchpin in an organization. A mature threat hunting team is vital to shifting the organization from a reactive posture to a proactive one. This begs the question: How do you integrate your threat hunting team with traditional SOC roles and pre-established processes? This talk will cover threat hunting methodologies and how they complement the roles and responsibilities of traditional positions within a SOC. Ultimately, we’ll be demonstrating how effectively employing your threat hunters can drastically lower your overall mean time to detect adversaries and respond to incidents. Speaker: Ashley Pearson, @onfvp, Threat Hunter at USAF Computer Emergency Response Team

Join Today
Threat Hunting in Security Operation - SANS Threat Hunting Summit 2017
▶︎

Threat Hunting in Security Operation - SANS Threat Hunting Summit 2017

Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit
▶︎

Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit

How to Build Threat Hunting into Your Security Operations | Red Canary
▶︎

How to Build Threat Hunting into Your Security Operations | Red Canary

SOC 101: Real-time Incident Response Walkthrough
▶︎

SOC 101: Real-time Incident Response Walkthrough

An Introduction to Threat Hunting With Zeek (Bro)
▶︎

An Introduction to Threat Hunting With Zeek (Bro)

What Are the Differences Between Threat Hunting and Incident Response
▶︎

What Are the Differences Between Threat Hunting and Incident Response

Putting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie Nickels
▶︎

Putting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie Nickels

Find_Evil - Threat Hunting | SANS@MIC Talk
▶︎

Find_Evil - Threat Hunting | SANS@MIC Talk

Threat Hunting in the Modern SOC with Splunk
▶︎

Threat Hunting in the Modern SOC with Splunk

Cyber Threat Hunt 101: Part 5 - Core Skills for Hunters and Tips for Beginners!
▶︎

Cyber Threat Hunt 101: Part 5 - Core Skills for Hunters and Tips for Beginners!

One Piece at a Time: A Guide to Building a CTI Program
▶︎

One Piece at a Time: A Guide to Building a CTI Program

Quickstart Guide to MITRE ATT&CK - Do’s and Don’ts w/ Adam Mashincho - HackFest Summit 2020
▶︎

Quickstart Guide to MITRE ATT&CK - Do’s and Don’ts w/ Adam Mashincho - HackFest Summit 2020

Common misconceptions and mistakes made in Threat Hunting
▶︎

Common misconceptions and mistakes made in Threat Hunting

SANS DFIR Webcast - Incident Response Event Log Analysis
▶︎

SANS DFIR Webcast - Incident Response Event Log Analysis

ACM Webcast: Network Threat Hunting Runbook
▶︎

ACM Webcast: Network Threat Hunting Runbook

How To Think SO CLEARLY People Assume You're A Genius
▶︎

How To Think SO CLEARLY People Assume You're A Genius

Cyber Threat Hunting: Identify and Hunt Down Intruders
▶︎

Cyber Threat Hunting: Identify and Hunt Down Intruders

CSS2018LAS8: Incident Handling Process - SANS
▶︎

CSS2018LAS8: Incident Handling Process - SANS

Evolving the Hunt: A Case Study in Improving a Mature Hunt Program - SANS Threat Hunting Summit 2019
▶︎

Evolving the Hunt: A Case Study in Improving a Mature Hunt Program - SANS Threat Hunting Summit 2019

FOR508 - Advanced Incident Response and Threat Hunting Course Updates: Hunting Guide
▶︎

FOR508 - Advanced Incident Response and Threat Hunting Course Updates: Hunting Guide