Continuous Threat Hunting: Expanding beyond alerts to detect modern threats with rigorous, repeatable threat hunting.

Cherlynn Cha (ExpressVPN)

Alerts serve as the backbone of most SOCs, but alerts alone cannot detect modern, advanced threats without being so noisy that they quickly induce analyst fatigue. Threat hunting has arisen as a complement to alerting, but most SOCs do not operationalize threat hunting with the same rigor as alerting. In this session, we will discuss how SOC teams can overcome this through a model we call Continuous Threat Hunting: using analytic-driven methods to cover more data, but with a standardized approach designed to produce repeatability, effectiveness, and confidence in result.

View More Papers

Sharing cyber threat intelligence: Does it really help?

Beomjin Jin (Sungkyunkwan University), Eunsoo Kim (Sungkyunkwan University), Hyunwoo Lee (KENTECH), Elisa Bertino (Purdue University), Doowon Kim (University of Tennessee, Knoxville), Hyoungshick Kim (Sungkyunkwan University)

Enhance Stealthiness and Transferability of Adversarial Attacks with Class...

Hui Xia (Ocean University of China), Rui Zhang (Ocean University of China), Zi Kang (Ocean University of China), Shuliang Jiang (Ocean University of China), Shuo Xu (Ocean University of China)

OCPPStorm: A Comprehensive Fuzzing Tool for OCPP Implementations (Long)

Gaetano Coppoletta (University of Illinois Chicago), Rigel Gjomemo (Discovery Partners Institute, University of Illinois), Amanjot Kaur, Nima Valizadeh (Cardiff University), Venkat Venkatakrishnan (Discovery Partners Institute, University of Illinois), Omer Rana (Cardiff University)