So many organizations start their journey into threat hunting by simply deploying instrumentation to operationalize indicators of compromise (IOCs). While there's nothing wrong with starting here, stopping here won't meet most organizations' long term threat hunting program goals.
In this webcast, we'll discuss how to move past just hunting for IOCs and how you can up your game significantly by targeting anomalies in the environment using the same investments in instrumentation.
Jake Williams is the co-founder of Rendition Infosec and a principal consultant performing incident response, computer forensics, penetration testing, malware reverse engineering, and exploit development. Jake is a certified SANS Instructor and course author and trains thousands annually in information security topics.
Prior to founding Rendition Infosec, Jake worked in various roles with the US DoD performing offensive and defensive cyber operations in classified environments. Jake regularly briefs Fortune 500 executives on information security topics and has a knack for translating complex technical topics into verbiage that anyone can understand.
Josh Pyorre is a senior security research analyst with Cisco Umbrella. Previously, he was a threat analyst at NASA, working as part of the team that built and operated the NASA Security Operations Center at Ames Research Center. He has also worked at Mandiant, helping to build their SOC while conducting incident response for multiple clients. Before working in security, Josh was the technical director for a non-profit providing assistance to the houseless in San Francisco.
His professional interests involve network, computer and data security with a goal of maintaining and improving the security of as many systems and networks as possible.
Josh has presented at conferences and locations around the world, including DEF CON, B Sides, Source, Derbycon, InfoSecurity World, DeepSec, Qubit, NASA and various companies and government entities. He was also the host of season one of the security podcast, 'Root Access'.