A B C of Hunting - Octavius 1

Caesars Palace

Paradise, NV 89109

Instructor - Julian Dana

Prerequisites - Basic incident response knowledge. Basic security architecture knowledge. Basic log review knowledge. Basic OS knowledge.

We have heard it all before: the old-school SOC/CIRT is not enough to fight the sophisticated attacks we see these days; reacting to alerts and the known-bad model is not cutting it anymore. We need to move forward to the CDC (Cyber Security Center), or the SOC/CIRT 2.0+, extra, super, plus! That means changing to become proactive and predictive as well as reactive, and for that you need to start HUNTING! But what is that? How do I do it? Where do I start? What is simplest for me as an analyst: logs, intelligence? Let's start from the ABC. We will cover the theory and a few practical labs: how to map active hunting to the attack lifecycle, IOCs, frequency analysis (stacking), and an intel-driven lab. Lastly we will ask you to use your imagination to create your own hunting case. Please get ready to talk, as it is going to be interactive (I'm not expecting to be the only one talking).
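The frequency analysis ("stacking") mentioned above is the simplest hunting technique to start with: pick a field, count how often each value appears across the fleet, and read the rare end of the distribution. The script below is an added illustration, not part of the workshop material. The process-start rows in SAMPLE_CSV are constructed for the example (hypothetical hosts WS01-WS05, made-up paths, as if exported from an EDR or Sysmon feed to CSV); it stacks the same events three ways to show why the choice of key matters.

```python
"""Frequency analysis ("stacking") over process-start events.

Added example; not part of the workshop material. The event rows below are
constructed for illustration and every host name and path is made up.
"""
import csv
import io
import ntpath
from collections import Counter, defaultdict

# Constructed sample export (hypothetical EDR/Sysmon process-create feed).
# Row 10 uses a different case on purpose; rows 13 and 14 are the odd ones.
SAMPLE_CSV = r"""host,parent,image
WS01,explorer.exe,C:\Windows\System32\cmd.exe
WS02,explorer.exe,C:\Windows\System32\cmd.exe
WS03,explorer.exe,C:\Windows\System32\cmd.exe
WS04,explorer.exe,C:\Windows\System32\cmd.exe
WS01,services.exe,C:\Windows\System32\svchost.exe
WS02,services.exe,C:\Windows\System32\svchost.exe
WS03,services.exe,C:\Windows\System32\svchost.exe
WS04,services.exe,C:\Windows\System32\svchost.exe
WS05,services.exe,C:\Windows\System32\svchost.exe
WS05,explorer.exe,C:\Windows\System32\CMD.EXE
WS05,explorer.exe,C:\Windows\System32\cmd.exe
WS05,explorer.exe,C:\Windows\System32\cmd.exe
WS03,WINWORD.EXE,C:\Windows\System32\cmd.exe
WS03,cmd.exe,C:\Users\jdoe\AppData\Local\Temp\svchost.exe
"""


def parse_log(text):
    """Parse a CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def image_path(r):
    """Full image path, lower-cased: NTFS paths are case-insensitive, so
    'CMD.EXE' and 'cmd.exe' must land in the same bucket."""
    return r["image"].lower()


def image_name(r):
    """File name only. Convenient, but it merges the legitimate svchost.exe
    under System32 with a same-named file dropped in a Temp folder."""
    return ntpath.basename(r["image"]).lower()


def parent_image(r):
    """Parent/child pair, the usual first stack in a hunting exercise."""
    return (r["parent"].lower(), image_path(r))


def stack(records, key):
    """Count events per key value (classic stacking)."""
    return Counter(key(r) for r in records)


def stack_by_host(records, key):
    """Count distinct hosts per key value, so one noisy host cannot make a
    value look common on its own."""
    hosts = defaultdict(set)
    for r in records:
        hosts[key(r)].add(r["host"])
    return Counter({k: len(v) for k, v in hosts.items()})


def rare(counts, max_count=1):
    """Least-frequent values: the end of the stack a human should read."""
    return sorted(k for k, n in counts.items() if n <= max_count)


def pivot(records, key, value):
    """Events behind one rare value, to see which host to look at next."""
    return [r for r in records if key(r) == value]


if __name__ == "__main__":
    recs = parse_log(SAMPLE_CSV)
    for label, key in (("image name", image_name),
                       ("image path", image_path),
                       ("parent -> image", parent_image)):
        print(f"\n== stack by {label} ==")
        for value, n in stack(recs, key).most_common():
            print(f"{n:4d}  {value}")
        print("rare:", rare(stack(recs, key)))
    print("\n== distinct hosts per image path ==")
    for value, n in stack_by_host(recs, image_path).most_common():
        print(f"{n:4d}  {value}")
    for r in pivot(recs, parent_image, rare(stack(recs, parent_image))[0]):
        print("\npivot:", r)
```

Stacking on the bare file name hides the Temp-folder svchost.exe inside the six legitimate ones; stacking on the full path, or on the parent/child pair, drops it (and the Word-spawned cmd.exe) to a count of one. Counting distinct hosts instead of raw events is the second check worth keeping: WS05 alone produced three of the eight cmd.exe events.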

Required Materials - Attendees should bring a laptop, or a VM, running Windows 7 or above with 2 GB of RAM (4 GB or more is better) and a connection to the Internet (the one provided by DEF CON works perfectly). Software: a spreadsheet editor and your favorite text editor or log viewer. Admin rights, in case software needs to be installed.
