SECO-Institute invites you to their event

From the Author's Mouth: Valentina Costa-Gazcón - Practical Threat Intelligence and Data Driven Threat Hunting

About this event

In our From the Author's Mouth series, we open our virtual doors to the movers and shakers in information security. It allows you to get your information directly from the source in an interactive interview setting, with sufficient time reserved for Q&A.

This time we invite Valentina Costa-Gazcón, Director of Threat Intelligence at VerSprite and author of the book Practical Threat Intelligence and Data-Driven Threat Hunting. Today's session will be moderated by Rob van Os, strategic SOC Advisor, creator of the SOC Maturity Model (SOC-CMM) and co-creator of the TaHiTI methodology for threat hunting.

The Book: Practical Threat Intelligence and Data-Driven Threat Hunting

In her book, Valentina takes readers into the world of proactively hunting adversaries, assuming that they are already inside your environment. The book is very well structured and consumable for all audiences, but it also offers deep-dive sections, (open source) references and practical guidance on setting up your lab environment and conducting a hunt. As such, it is relevant for those who are new to the world of threat intelligence and threat hunting, but also offers sufficient depth for more experienced cybersecurity professionals and managers who want to implement a Threat Hunting program from scratch.

The first section of the book covers all basics, helping readers to understand what Threat Intelligence is and how it can be used, how to collect data and how to understand data through the development of data models, and highlights some basic networking and OS concepts, with a look at the main Threat Hunting data sources.

The second part of the book covers how to set up a lab environment using open source tools, alongside how to plan a hunt with practical exercises and examples, both in atomic red teaming and in hunting APTs using intelligence-driven hypotheses and the MITRE ATT&CK Framework.

Finally, the book offers tips and tricks for assessing data quality, documenting hunts, defining and selecting metrics, communicating a breach and presenting Threat Hunting results to executives.

Audiences

This book, and this webinar, is for anyone interested in learning more about Threat Hunting in practice. It will benefit security analysts and security professionals who want to get their hands dirty and conduct their first hunt, as well as security / SOC managers and CISOs looking to create or improve their threat hunting capabilities.

Agenda of the Day:

13h00: Welcome -- Wim Stoffelen, SECO-Institute (Netherlands)

14h05: Introduction by your moderator Rob van Os, creator of the SOC Maturity Model (Netherlands)

14h15: Practical Threat Intelligence and Data Driven Threat Hunting, Valentina Costa-Gazcón, Director of Threat Intelligence at VerSprite and book author (Argentina)

14h35: Q&A Session with the audience -- Valentina Costa-Gazcón and Rob van Os

14h50: Closing remarks

14h55: Upcoming events

Hosted by

  • Guest speaker
    Rob van Os Strategic SOC Advisor @ SOC-CMM

  • Guest speaker
    Valentina Costa-Gazcón Director of Threat Intelligence @ VerSprite

SECO-Institute

Europe's Leading Security & Continuity Training and Certification Body

Security & Continuity Institute (SECO) is Europe’s leading institute for highly qualified Security & Continuity training courses, and the Body of Knowledge of the Cyber Security & Governance Certification Program.