“The information security and forensic community now understands that solely relying on reactive incident response processes is not a strategy that improves the security of our network environments,” explained Phil Hagen, Summit Co-Chair and a SANS Senior Instructor. “The inclusion of threat hunting practices has significantly improved our industry’s response time by proactively seeking evidence of previously undetected incidents or full-scale breaches.”
This year’s Summit features an array of top threat hunting practitioners who will share the latest tools, techniques, and procedures they use in their environments on a daily basis to improve their organizations’ security posture. Summit speakers include:
- Rick McElroy, Security Strategist, Carbon Black
- Josh Pyorre and Andrea Scarfo, Security Research Analysts, Cisco Umbrella
- Stuart Davis, Associate Partner, X-Force Incident Response & Intel Services (a division of IBM)
- Mauricio Velazco, Vice President – Threat Management, Blackstone
- Alissa Torres, Certified Instructor, SANS Institute
- David Evenden, Senior Vulnerability Exploitation Analyst, CenturyLink
- Josh Bryant, Cybersecurity Architect, Microsoft
- Robert Falcone, Threat Researcher, Palo Alto Unit 42
The Threat Hunting & Incident Response Summit was created by SANS in collaboration with Carbon Black to specifically address gaps in the security landscape, and Hagen has seen the progress in closing those gaps. “Using the basic definition of threat hunting – leveraging new threat intelligence against existing data stores of evidence – we see benefits in terms of decreased attacker dwell time, faster and more decisive identification of human- or machine-originated anomalies, and overall improved network hygiene,” he said.
Rob Lee, SANS DFIR Curriculum Lead and Summit Co-Chair, added, “This summit is unique in that it brings together seasoned hunters and new practitioners to share ideas, techniques, and capabilities that are being discovered. Hunting is still so new that one of the few places to learn about what works is through events like these. No one has threat hunting completely figured out yet – summits like these are key to helping spread the word on things both new practitioners and skilled hunters can use in their operations when they get back home.”
Immediately following the Summit, attendees will have the opportunity to enhance their training experience by taking one of seven hands-on threat hunting and incident response courses. Courses offered include FOR508: Advanced Digital Forensics, Incident Response and Threat Hunting; FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response; FOR578: Cyber Threat Intelligence; and more.
To register for the SANS Threat Hunting & Incident Response Summit & Training or to obtain additional information about it, including a complete list of speakers and courses, please visit: www.sans.org/u/EuE
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner’s qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master’s degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)
About Carbon Black
Carbon Black (Nasdaq: CBLK) is a leading provider of next-generation endpoint security. Carbon Black serves more than 3,700 customers globally, including 33 of the Fortune 100. As a cybersecurity innovator, Carbon Black has pioneered multiple endpoint security categories, including application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV). Leveraging its newly introduced big data and analytics cloud platform – the Cb Predictive Security Cloud – Carbon Black solutions enable customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise, or as a managed service, customers use Carbon Black solutions to lock down critical systems, hunt threats, and replace legacy antivirus. For more information, please visit www.carbonblack.com or follow us on Twitter at @CarbonBlack_Inc
2018 © Carbon Black and Predictive Security Cloud are registered trademarks or trademarks of Carbon Black, Inc. in the United States and other jurisdictions.