Continuous Threat Hunting: Expanding beyond alerts to detect modern threats with rigorous, repeatable threat hunting.

Cherlynn Cha (ExpressVPN)

Alerts serve as the backbone of most SOCs, but alerts alone cannot detect modern, advanced threats without being so noisy that they quickly induce analyst fatigue. Threat hunting has arisen as a complement to alerting, but most SOCs do not operationalize threat hunting with the same rigor as alerting. In this session, we will discuss how SOC teams can overcome this through a model we call Continuous Threat Hunting: using analytic-driven methods to cover more data, but with a standardized approach designed to produce repeatability, effectiveness, and confidence in result.

View More Papers

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless...

Yang Yang (School of Computing and Information Systems, Singapore Management University, Singapore), Robert H. Deng (School of Computing and Information Systems, Singapore Management University, Singapore), Guomin Yang (School of Computing and Information Systems, Singapore Management University, Singapore), Yingjiu Li (Department of Computer Science, University of Oregon, USA), HweeHwa Pang (School of Computing and Information Systems,…

Using Behavior Monitoring to Identify Privacy Concerns in Smarthome...

Atheer Almogbil, Momo Steele, Sofia Belikovetsky (Johns Hopkins University), Adil Inam (University of Illinois at Urbana-Champaign), Olivia Wu (Johns Hopkins University), Aviel Rubin (Johns Hopkins University), Adam Bates (University of Illinois at Urbana-Champaign)

Not your Type! Detecting Storage Collision Vulnerabilities in Ethereum...

Nicola Ruaro (University of California, Santa Barbara), Fabio Gritti (University of California, Santa Barbara), Robert McLaughlin (University of California, Santa Barbara), Ilya Grishchenko (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)