Detection Technique Deep Dive

Having detection techniques at hand – which you can apply in systematic approaches across different environments – is a ninja skill detection engineers and threat hunters need to have.

In this session, Senior Threat Hunter Doug Brown will provide you with just that. Join Doug as he explores a range of concrete search techniques to measure a variety of behavioural changes, and demonstrates how to map those to MITRE ATT&CK techniques.

Attend this session to learn how to:

Map advanced statistics to MITRE ATT&CK techniques
Detect spikes with median absolute deviation and handle data with seasonality
Identify first-time events in new values seen in a field or combination of fields, including cardinality of distinct fields to measure behaviour change
Detect C2 beaconing through domain parking and lateral movement with RDP for first-time users by applying simple sequencing techniques

Plus, you’ll get bonus examples of highly complex sequencing approaches.

Webinar duration: 30 minutes

Webinar language: English

Business Email*

First Name*

Last Name*

Job Title*

Company*

Country*

State or Province

Phone Number*

Post / Zip Code*

Department*

Interest*

Honeypot

DO NOT EDIT

I agree to the Splunk Websites Terms and Conditions of Use and the Splunk Privacy Policy.*

I agree to receive marketing communications by email, including educational materials, product and company announcements, and community event information, from Splunk Inc. and its Subsidiaries pursuant to the terms of Splunk’s Privacy Policy. I can unsubscribe at any time.

Webinar

On Demand

Calling all Security Detection Engineers and Threat Hunters.

Our Speaker

Doug Brown