Neil R. Wyler is currently a Senior Threat Hunting & Incident Response Specialist with RSA. He has spent over 18 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 16 years and a member of the Senior Staff at DEF CON for 18 years. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. In his free time, Neil keeps himself busy as a member of both the DEF CON, and Black Hat CFP Review Boards, the Black Hat Training Review Board, the founder of DC801, and founder of his local hackerspace, 801 Labs.

Threat Hunting: From Platitudes to Practical Application

Since its inception, the security industry has been inundated with trendy defense techniques, topics, terms, and products that once implemented will solve all of our security woes. For the last several years one of those terms, threat hunting, has become the darling of defenders and vendors worldwide. But just what is threat hunting? Is it effective? Where do you even begin? This session will answer these questions and more when we discuss real life, immediately applicable, threat hunting techniques and methodologies. We’ll talk about hunting in network, as well as endpoint environments, and even who the right people on your team are to be your hunters. And finally, we’ll discuss several examples of security failures and data exposure found during actual threat hunting engagements on the networks of Black Hat and the RSA Conference.