Threat Hunting: Strategies for Success with Mick Douglas & Todd Kaltenborn
Defending your network from an advanced adversary means employing advanced detection techniques. Hunting is one of those techniques. With hunting, defenders assume attackers are already in the network and need to be found.
In this webinar, Binary Defense will share some of the tactics they use to find the bad guys. Attendees will learn how to use built-in features of their own operating systems, as well as Binary Defense’s Vision product, to do this advanced detection and analysis.
- Locate truly stealthy adversaries.
- Find blind-spots and misconfigured systems in your enterprise before an actual attack takes place.
- Automate the search – Use PowerShell to save your security team time during hunting engagements.
Binary Defense does hunting as part of standard MSSP engagements… most often in the hours after everyone has long left your office. When the attacker thinks nobody is there, they strike.
By hunting when the attackers are active, we find the attackers that others cannot.
About the Speakers:
Even when his job title has indicated otherwise, Mick Douglas has been doing information security work for over 10 years. He received a bachelor's degree in communications from Ohio State University and holds the CISSP, GCIH, GPEN, GCUX, GWEB, and GSNA certifications. He currently works at Binary Defense Systems as the DFIR Practice Lead.
He is always excited for the opportunity to share with others so they do not have to learn the hard way! By studying with Mick, security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not "geeking out," you'll likely find Mick indulging in one of his numerous hobbies: photography, scuba diving, or hanging around in the great outdoors.
Todd spent the last 20 years working for the DoD in various capacities across multiple IT disciplines, most of which were InfoSec-related. His jobs have included everything from answering phones on help desks to engineering and implementing network architecture within high-stress environments. He’s held multiple industry certifications at one time or another, including CISSP, Security+, GCFA, GCIH, and various Cisco certifications.
Currently, Todd is serving as SOC Team Lead for Binary Defense. When he’s not working (his wife would say he’s still working, and that may be true) he can be found playing board games and video games with his wife and three sons.
**Safety Note: He’s not a “people person” before morning coffee.**