Threat Hunting Summit

Join us for a conversational fireside chat with Steve Mancini, head of Information Security at Guardant Health.

In this interview with SecurityWeek Editor-at-Large Ryan Naraine, Mancini will discuss his career in the cybersecurity trenches as a practitioner, threat hunter, and a leader building and security programs. Attendees can expect an engaging conversation on the CISO's decision-making process, best practices for securing corporate assets and data, and tips and tricks for reducing risk exposure.

This presentation will cover how active defense techniques can be used as a unique tool to collect intelligence that helps us better understand the full cycle of BEC attacks by revealing what happens after a potential attack is successful. We’ll look at the different types of investigative artifacts we can collect by engaging with BEC actors, from post-attack behavior to attacker locations to mule accounts. Throughout the presentation, we’ll see various real-world examples of successful active defense engagements that have led to significant insights into these attacks.

Employees of an organization may use their authorized access to do harm—whether it be intentionally stealing or destroying data, or unintentionally creating risk or leaking data. With deep insight into end-user endpoints, security teams can detect, stop, and respond to these types of insider threats. In this session, Uptycs Solutions Engineering Director Julian Wayte will demonstrate the different ways in which security teams can use endpoint telemetry to:

• Detect potential data exfiltration through USB devices or uploads to sites like Dropbox
• Use file integrity monitoring to alert when a confidential file is deleted
• Create watch lists for potential insider threats based on browser activity
• Collect forensics to investigate insider threats, such as retrieving a deleted file from a low-level disk partition
• Inform and empower users to address security and compliance issues, avoiding negligent risk

Ryan Darst is Torq’s Director of Security Automation, where his team takes common use-cases and turn them into easy-to-use templates in the Torq template library. Ryan has almost 30 years of experience across the cybersecurity space, including experience working in both financial and healthcare environments. Over the past decade, he has assisted customers in solving complex security challenges, as well as delivering automated solutions in cloud, network, and other security technologies.

Join us for a unique view of the threat landscape, through the eyes of chief security officers tasked with securing products, data and corporate assets.

In this panel, SecurityWeek Editor-at-Large Ryan Naraine will lead a discussion on a practical approach to defending the modern enterprise, managing the 'assume breach' and 'zero-trust' concepts in a fast-changing threat landscape, the value of threat intelligence, remote work and attack surface sprawl, leadership and communication priorities, software supply chain security and the cybersecurity skills shortage.

When it comes to the dirty world of hackers-for-hire, the challenges of attribution and identifying attack objectives are often blurred if not impossible. Such cyber mercenaries operate at a speed and scale that can lead to the discovery of prolific campaigns spanning the globe. However, where do they stand when compared to the more commonly observed and reported threat actors? In this talk we will review one such group, how they measure up to the wider threat landscape, and why they should be of interest to all defenders.