It is very important nowadays to stay up to date with all of the cyber threats that are posing all over the world. It is widely known that there are not enough resources to be found to fill up every Security Operation Center (i.e. SOC). Therefore, many organizations struggle with coping with the massive amount of new type of attacks and generated alerts from their tooling.
During this session, you will learn how to hunt (and automate your hunt) for active cyber threats in your environment and contain them using integrated connections to network, endpoint, and cloud products. This session is targeted at SOC management, cyber security engineers, threat hunters, and analysts. It will touch on threat detection, investigation and response. All the code will be made available after the session.
Christopher van der Made, Security Developer Advocate, Cisco Systems Inc. - / chriscodevnet
View upcoming Summits: www.sans.org/u/DuS
Download the presentation slides (SANS account required) at www.sans.org/u/1iaE
#ThreatHuntingSummit #ThreatHuntingAutomation