Testing Visibility to Develop an Innovative Threat Hunting Program

October 2, 2018 1:00PM EDT

Do you have the visibility you need to hunt for adversary techniques? Increasing the quality and quantity of data analysis requires a robust set of tools, techniques, and practices. Learn how to use the MITRE ATT&CK™ framework, Cb Response, and Atomic Red Team to hunt for adversary techniques and build functional tests to understand visibility.

This hands-on technical session will demonstrate how to:

  • Hunt for frequently used ATT&CK techniques with Cb Response
  • Measure and improve visibility with Atomic Red Team tests
  • Turn new intelligence into hunting criteria
  • Investigate data that can support a judgment call on whether activity is malicious or benign



Joe Moles

VP, Customer Security Operations
Red Canary



Adam Mathis

Security Practitioner
Red Canary



Jimmy Astle

Sr. Threat Researcher
Carbon Black