Threat hunting is one of the most popular techniques used by security analysts for all kinds of investigations. It is both science and, to some degree, inspiration. However, in recent years the security industry has developed new tools and techniques that can dramatically improve the effectiveness and efficiency of our threat hunting. In particular, similarity and automatic YARA generation are key when dealing with large amounts of data. In this talk we learn what's new in the process of threat hunting and showcase how analysts can leverage the new techniques available to take their research to the next level.
Speaker:
Vicente Diaz, Google
AttackIQ Purple Hats: www.purplehats.org/
AttackIQ Academy: academy.attackiq.com/
AttackIQ: attackiq.com/