Threat Hunting with Polarity
April 20, 2023 @ 6:00 pm - 8:00 pm HST
| FreeSpecial 2 hour event! Threat hunting and a tournament of glory with prizes! What more can you ask for? Sponsored by Polarity!
(ISC)² Hawaii Chapter – Threat Hunting with Polarity
The chances are very high that hidden threats are already in your organization’s networks. Prevention systems and tools help reduce opportunities for adversaries and enable analysts to operate more effectively. The key, however, is to constantly look for attacks that get past security systems and to catch intrusions in progress rather than after attackers have completed their objectives and done worse damage to the business. This process is referred to as “Threat Hunting.”
Armed with an understanding of the general methodologies that the attacker utilizes in modern Advanced Persistent Threats (APT), we can better equip ourselves to defend and disrupt this type of attack. The goal of this talk is to help analysts and defenders learn how to hunt for these threats. Defenders get the benefit of Polarity unifying all of their data sources so that they can see across all of the phases of an attack to give them the best chance of detecting an adversary.
Triage Tournament:
If you plan to participate (which you should), please bring your laptop!
The Polarity Triage Tournament competition is a series of short head-to-head sprints rather than a marathon. The fastest correct answer submission for each sprint wins. Simple questions will test how fast you can triage micro datasets. For example, you might need to pick out the three vulnerabilities that are remotely exploitable from a list of 10 CVEs, find the benign IP in a list of known C&C servers, or decode the powershell payload from a base64 string. Each challenge lasts seconds or minutes and when all else fails, can usually be solved with some web searching.
All skill levels are able to compete, and your StarCraft micro or ShmooCon ticket purchasing skills will help, but you may also want to bring some of your favorite free security tools such as Google Search, CyberChef, and Polarity Community Edition. Scripting/programming/machine learning skills will not be necessary but we won’t stop you if you want to use them.
Come join (ISC)² Hawaii and Polarity as we talk about Threat Hunting. Food and drinks will be provided.
Doors open at 5:30 PM but event will start at 6:00 PM!
Members and Non-Members. FREE
If not already a member, join here: https://isc2chapter-hi.org/membership
Registration required. Certified(ISC)² professional Hawaii members receive 2 continuing professional education (CPE) and we will submit on your behalf. Non-members and international members also receive 2 CPE but we are unable to submit credits for you.