This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Thursday, October 10 • 11:15am - 12:00pm
TH-2025 Hunting: How to start, go down a rabbit hole, and get out without relying on your tools

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Hunting is one of the hottest buzzwords when it comes to cyber security - especially in defensive oriented realms. As a result, there are hundreds of tools, articles, and books on how to hunt. Yet, if it was that simple - why are we still having issues doing this successfully - even if we ignore advanced threat actors? There are so many tools that may be able to report that something is happening on a network, but the blue teams themselves are unable to interpret these results in a timely manner, which results potentially missing something critical.

Therefore, rather than introduce a new tool, this talk will focus on how people can improve themselves to be better hunter, and how to better structure teams to also hunt more effectively. The tools that blue teams use cannot always be controlled - as tools are restricted by policy, money, and availability. Instead, what we can control is how we operate, how we educate ourselves, and overall how do we function during a hunt.In this talk, I’ll focus on how to improve yourself with technical skills and soft skills . However, it is impossible for just one person to always find the bad guy. As a result, I will also concentrate on how team structure, dynamics, and other skills are also important and how to improve these.

This talk is aimed for beginners and intermediate blue teams who are looking to further improve themselves and how they function, so that we can work on being effective.

avatar for Dr Chelsea Hicks

Dr Chelsea Hicks

Computer Scientist, DoD
Dr. Chelsea Hicks is a computer scientist for the Department of Defense. Dr. Hicks brings her background in cybersecurity via competitions, participating in the local infosec community, academic career, and professional career to provide insights when possible at conventions such... Read More →

Thursday October 10, 2019 11:15am - 12:00pm CDT
TEXAS BALLROOM - F Track 2 600 E Market St, San Antonio, TX Floor 4