Cherlynn Cha (ExpressVPN)

Alerts serve as the backbone of most SOCs, but alerts alone cannot detect modern, advanced threats without being so noisy that they quickly induce analyst fatigue. Threat hunting has arisen as a complement to alerting, but most SOCs do not operationalize threat hunting with the same rigor as alerting. In this session, we will discuss how SOC teams can overcome this through a model we call Continuous Threat Hunting: using analytic-driven methods to cover more data, but with a standardized approach designed to produce repeatability, effectiveness, and confidence in result.

View More Papers

Learning Automated Defense Strategies Using Graph-Based Cyber Attack Simulations

Jakob Nyber, Pontus Johnson (KTH Royal Institute of Technology)

Read More

MacOS versus Microsoft Windows: A Study on the Cybersecurity...

Cem Topcuoglu (Northeastern University), Andrea Martinez (Florida International University), Abbas Acar (Florida International University), Selcuk Uluagac (Florida International University), Engin Kirda (Northeastern University)

Read More