The Need for Proactive Defense and Threat Hunting Within Organizations
Offered By: YouTube
Course Description
Overview
Explore the critical need for proactive defense and threat hunting within organizations in this conference talk from BSides Tampa 2015. Delve into the reasons behind threat hunting's importance and gain a comprehensive understanding of its implementation. Learn about key areas of focus, including running processes, process privileges, network activity, kernel drivers, and persistence mechanisms. Discover how to effectively incorporate incident response teams, prepare for potential incidents, and utilize documentation for internal training. Examine the balance between security spending and incident response preparedness, and understand the importance of executive support in implementing robust cybersecurity measures. Conclude with valuable insights and engage in a Q&A session to further enhance your knowledge of proactive cybersecurity strategies.
Syllabus
Intro
Why is Threat Hunting Needed?
What is Threat Hunting?
Running Processes
Process Privileges
Network Activity
Kernel Drivers
Persistence Mechanisms
Scheduled Tasks
Services
Anti-Virus & HIPs
What is the End Result?
How Do You Get There?
IT Security Pre-Deployment
Incorporating the IR Team Pre-Deployment
Incident Preparedness
Utilizing Documentation
Documentation into Internal Training
About Executive Support...
Spending: Security vs IR Preparedness
Conclusions
Questions/Comments?