General Info

SecurityWeek’s 2022 Threat Hunting Summit will present innovative strategies and tools that security teams use to detect, contain, and eliminate attackers present in or attempting to infiltrate enterprise networks. Attendees will learn how continually monitoring with a fine-tuned threat hunting strategy can help incident response teams detect attacks that may have bypassed enterprise defenses and reduce attacker dwell time.

Agenda

November 16, 2022 11:00

Fireside Chat: Steve Mancini, Guardant Health

Join us for a conversational fireside chat with Steve Mancini, head of Information Security at Guardant Health.

In this interview with SecurityWeek Editor-at-Large Ryan Naraine, Mancini will discuss his career in the cybersecurity trenches as a practitioner, threat hunter, and a leader building security programs. Attendees can expect an engaging conversation on the CISO's decision-making process, best practices for securing corporate assets and data, and tips and tricks for reducing risk exposure.

Steve Mancini
Guardant Health, Head of Information Security

Ryan Naraine
SecurityWeek, Editor-at-Large

November 16, 2022 11:35

Understanding the Full BEC Attack Cycle Using Active Defense

This presentation will cover how active defense techniques can be used as a unique tool to collect intelligence that helps us better understand the full cycle of BEC attacks by revealing what happens after a potential attack is successful. We’ll look at the different types of investigative artifacts we can collect by engaging with BEC actors, from post-attack behavior to attacker locations to mule accounts. Throughout the presentation, we’ll see various real-world examples of successful active defense engagements that have led to significant insights into these attacks.

Crane Hassold
Abnormal Security, Director of Threat Intelligence

November 16, 2022 12:05

BREAK

Please visit our sponsors in the Exhibit Hall. They're standing by now to answer your questions.

November 16, 2022 12:15

Stop the Danger Within: Detect Insider Threats with Endpoint Telemetry

Employees of an organization may use their authorized access to do harm—whether it be intentionally stealing or destroying data, or unintentionally creating risk or leaking data. With deep insight into end-user endpoints, security teams can detect, stop, and respond to these types of insider threats. In this session, Uptycs Solutions Engineering Director Julian Wayte will demonstrate the different ways in which security teams can use endpoint telemetry to:

  • Detect potential data exfiltration through USB devices or uploads to sites like Dropbox
  • Use file integrity monitoring to alert when a confidential file is deleted
  • Create watch lists for potential insider threats based on browser activity
  • Collect forensics to investigate insider threats, such as retrieving a deleted file from a low-level disk partition
  • Inform and empower users to address security and compliance issues, avoiding negligent risk 

Julian Wayte
Uptycs, Director of Solutions Engineering

November 16, 2022 12:45

What to Automate First in Your SOC

We often hear that the hardest part of automation is simply figuring out where to start and how to know if you're doing it right. In this webinar we explore the Torq template library, showing how anyone can use these pre-built elements to start automating security tasks right away, using best practices by default.

Ryan Darst
Torq, Director of Security Automation

November 16, 2022 13:15

Panel Discussion: A Practical Approach to Defending the Enterprise

Join us for a unique view of the threat landscape, through the eyes of chief security officers tasked with securing products, data and corporate assets.  

In this panel, SecurityWeek Editor-at-Large Ryan Naraine will lead a discussion on a practical approach to defending the modern enterprise, managing the 'assume breach' and 'zero-trust' concepts in a fast-changing threat landscape, the value of threat intelligence, remote work and attack surface sprawl, leadership and communication priorities, software supply chain security and the cybersecurity skills shortage.

Brian Markham
EAB, Chief Information Security Officer

Anne Marie Zettlemoyer
CyCognito, Chief Security Officer

Ryan Naraine
SecurityWeek, Editor-at-Large

November 16, 2022 14:05

BREAK

Please visit our sponsors in the Exhibit Hall.

November 16, 2022 14:15

Analysis of a Mercenary Group and Their Role in the Threat Landscape

When it comes to the dirty world of hackers-for-hire, attributing attacks and identifying their objectives is often difficult, if not impossible. Such cyber mercenaries operate at a speed and scale that can lead to the discovery of prolific campaigns spanning the globe. However, where do they stand when compared to the more commonly observed and reported threat actors? In this talk we will review one such group, how they measure up to the wider threat landscape, and why they should be of interest to all defenders.

Tom Hegel
SentinelLabs, Senior Threat Researcher

ON-DEMAND: Automation for People Who Are Too Busy to Automate

The hardest part of security automation is often just figuring out where to start and whether you're doing it right. The second hardest is finding someone who actually has the time and skills to develop the automations. At Torq, we help teams work through this every day. Using our no-code automation platform, security teams can target specific processes and create their first workflow in as little as a few hours. Limitless integrations, a visual drag-and-drop editor, and hundreds of templates make it possible for everyone. See how in this short video.

ON-DEMAND: Abnormal Security Walk-through

Overview of the entire Integrated Cloud Email Security platform with a product demo, presented by Sales Engineer Manager, Scott DeLuke.

ON-DEMAND: Uptycs Demo

Join this session to get a demo of the Uptycs Cloud-Native Security Analytics Platform and see how Uptycs can help you protect and defend across modern attack surfaces.
