Threat Hunting Session

Network meets Endpoint

This is the continuation of the Threat Hunting Workshop: the “Network meets Endpoint Edition”. We start with a presentation explaining the tools, techniques and procedures used by adversaries and how to detect and contain these types of attacks. We’ll go over the weaponization of a multi-staged attack, process execution, privilege escalation, beaconing, lateral movement and data exfiltration, and provide you with the endpoint and network indicators and how to obtain this evidence.

We will continue with a live demonstration of how an advanced adversary compromises your network, using different techniques to move laterally, do credential scraping and network recon.

Finally, we’ll discuss several behaviour-based solutions that can efficiently detect these kinds of attacks, provide you with full visibility and automate response to mitigate the threat.


12h15: Welcome & Lunch
13h15: Introduction to Threat Hunting – finding evidence, what to look for
14h00: Demo of a network breach
15h00: Break
15h15: How Machine Learning technology can detect these attack techniques
16h30: Network drink (drinks at the bar/terrace)
17h00: End