Threat hunting is a collection of techniques that attempts to determine if malicious activities are taking place in an organization’s computing environment. Threat hunting often takes place after a known or suspected compromise and is used to confirm the incident and determine its extent.
Many organizations use threat hunting to assess the capabilities of their security infrastructure as the techniques in threat hunting provide a ‘check and balance’ against traditional security technology. Recently many organizations have expanded their use of threat hunting to supplement their merger and acquisition efforts.
Ray Strubinger, VerSprite’s Managing Consultant for Digital Forensics & Incident Response, has lead threat hunting efforts many scenarios and will share his experiences and the lessons learned from assessing diverse environments.
This presentation will provide an adaptive, heuristic approach that has been successfully used to identify compromised assets, rogue accounts, unauthorized software, organizational policy violations and poor security practices. Learn how VerSprite can help your organization combine business knowledge with technical skill to create solutions that achieve balance among risk, security and the needs of the business.
To learn more about our DFIR services, visit VerSprite at https://versprite.com/security-offerings/dfir/.