Threat Hunting After the SolarWinds Solar Storm

You’ve read the FireEye report and reviewed CISA’s Alerts. You’ve reviewed all the IOCs. Now what? Where does threat hunting begin in your environment, and at what point can it end? If CISA, FireEye and SolarWinds have provided us with “known knowns,” what about the “unknown knowns”—like other third-party compromises that have been reported? What’s a security team to do?

Find out in this exclusive workshop with QOMPLX Senior OSINT Specialist and resident red team expert Joe Gray. Joe discusses:

  • The best approach for standing up a potent threat hunting operation in your organization;
  • How to establish “ground truth” in your environment; and
  • How to look beyond the IOCs to assess your organization’s security posture.