Detection Mastery: War Stories From The Hunters Side by Ilya Kolmanovich and Felix Kurmish

Presented at BSides Toronto on October 18 2020 The defending industry is shifting from Reactive to Proactive mode by deploying both Red Teams and Threat Hunters to constantly challenge the controls organizations deploy. Threat Hunting is designed to provide a perceived sense of control to the security leaders. The idea is to detect well and then hunt to eliminate gaps & blind-spots. The remaining question is how to do it right! In this talk we will explore what Threat Hunting is, why it has emerged and how you can build it well in your organization. We provide relevant hunting scenario examples, talk about real life battles while doing threat hunting and eventually address the pain points of real Enterprise environments. We will cut to the chase by dissecting the process of detection mastery to find the next APT.