Calling all Security Detection Engineers and Threat Hunters.

Having detection techniques at hand – which you can apply in systematic approaches across different environments – is a ninja skill detection engineers and threat hunters need to have.

In this session, Senior Threat Hunter Doug Brown will provide you with just that. Join Doug as he explores a range of concrete search techniques to measure a variety of behavioural changes, and demonstrates how to map those to MITRE ATT&CK techniques.

Attend this session to learn how to:


  • Map advanced statistics to MITRE ATT&CK techniques
  • Detect spikes with median absolute deviation and handle data with seasonality
  • Identify first-time events in new values seen in a field or combination of fields, including cardinality of distinct fields to measure behaviour change
  • Detect C2 beaconing through domain parking and lateral movement with RDP for first-time users by applying simple sequencing techniques

Plus, you’ll get bonus examples of highly complex sequencing approaches.

Webinar duration: 30 minutes

Webinar language: English

DO NOT EDIT

Our Speaker

Doug Brown

Doug Brown

Senior Threat Hunter
CrowdStrike