Details

The chances are very high that hidden threats are already in your organization’s networks. Prevention systems and tools help reduce opportunities for adversaries and enable analysts to operate more effectively. The key, however, is to constantly look for attacks that get past security systems and to catch intrusions in progress rather than after attackers have completed their objectives and done worse damage to the business. This process is referred to as “Threat Hunting”.

Armed with an understanding of the general methodologies that attackers use in modern Advanced Persistent Threats (APT), we can better equip ourselves to defend against and disrupt this type of attack. The goal of this session is to help analysts and defenders learn how to hunt for these threats. Defenders will see the benefit of unifying all of their data sources so that they can see across all of the phases of an attack, giving them the best chance of detecting an adversary.

Matt Toth is the Senior Director of Field Security Engineering at Polarity (Polarity.io).

Doors at 6pm, class starts at 7pm!

---

Every Thursday night, the local DEF CON group DC801 hangs out at the 801Labs hackerspace for people to come work on projects, help others with projects, and get to know some of the others in the area. These events are open to the public.

If you are new and do not see a lot of RSVPs, be aware that most people that show up do not RSVP. There will be people nearly every Thursday.

You can also visit us on Discord: https://discord.gg/uSQdUPt
