Detection Technique Deep Dive

Having detection techniques at hand – ones you can apply systematically across different environments – is a ninja skill that detection engineers and threat hunters need to have.

In this session, Senior Threat Hunter Doug Brown will provide you with just that. Join Doug as he explores a range of concrete search techniques for measuring a variety of behavioural changes, and demonstrates how to map those to MITRE ATT&CK techniques.

Attend this session to learn how to:

  • Map advanced statistics to MITRE ATT&CK techniques
  • Detect spikes with median absolute deviation (MAD) and handle data with seasonality
  • Identify first-time events (new values seen in a field or combination of fields) and use the cardinality of distinct values to measure behaviour change
  • Detect C2 beaconing through domain parking, and lateral movement over RDP by first-time users, by applying simple sequencing techniques

Plus, you’ll get bonus examples of highly complex sequencing approaches.

Speaker and Presenter Information

Doug Brown - Senior Threat Hunter at CrowdStrike

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Event Type
Webcast

This event has no exhibitor/sponsor opportunities

When
Mon, Dec 12, 2022, 8:00am - 8:30am ET

Cost
Complimentary: $0.00

Organizer
Splunk
