Full Circle Detection: From Hunting to Actionable Detection
How do you create new efficient, accurate, resilient detection rules? There are a lot of steps to follow. This talk will take you through what I call Full Circle Detection, starting with where to get hunting ideas and ending with turnkey alerts for your Security Analysts, using a real-world step-by-step example.
In this talk the audience will see how a simple blog article (about an Outlook Persistence technique) can and should spark a whole chain of action from your security team.
🤠 Please join discord (https://texascyber.com/discord ) to chat with the speaker during this broadcast, they will be in their specific channel chatting with attendees
For each of the applicable steps below, sample code will be provided.