RVAsec 2019 has ended
Back To Schedule
Wednesday, May 22 • 3:00pm - 3:50pm
From The Trenches: Observations of and Tracking Actor Activity

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
EDR and threat hunting capabilities provide an unprecedented level of visibility into an infrastructure, and by extension, into malicious actor's behaviors and TTPs.  This capability extends well beyond what is available from OSINT collection and processing, as well as traditional IR, and provides the foundation for a strategic tracking process to truly take full advantage of what's available.  Not only can you track behaviors over time, but mapping the observed TTPs to the MITRE ATT&CK framework can provide valuable insights, and inform defensive measures.

avatar for Harlan Carvey

Harlan Carvey

Sr Researcher, CrowdStrike
Harlan has spent over 2 decades in the info/cyber security field, most of which has been spent in DFIR. He is a prolific author and speaker.

Wednesday May 22, 2019 3:00pm - 3:50pm EDT
Theatre, 2nd Floor