Sponsored by: Cato Networks

Network-Based Threat Hunting and Where Legacy Security Fails


Breakout Session September 21, 2022 1:15 pm - 2:00 pm

Etay Maor

Using legacy, “on-prem” security strategies to combat today’s threats is like bringing a knife to a gunfight. Threat actors have been perfecting the art of evading security controls for years, and we see the results in headlines all the time. In this session, we will dive into network-based threat hunting and how it can be implemented within an organization’s security strategy. A cloud environment requires a cloud security strategy!

Most organizations are going through a digital transformation journey, be it a planned one or one that was forced upon them by circumstances. But how many organizations are ensuring this journey includes security transformation? Companies are often using the same security tools and techniques they have been using for over a decade, even though the infrastructure and threats have changed and evolved drastically. Endpoint AV? Sandboxes? Siloed threat intel feeds? Threat actors today have proven over and over that they can bypass these strategies.

In this session, we will review how today’s threats evade security detection and how threats have evolved over time. It’s not all about new features but rather how to deploy and use them! We will show case studies, analyze attacks utilizing MITRE ATT&CK, and show a network-based threat hunting program based on threat intel that can tackle today’s threats.

RH-ISAC Summit