Threat Hunting: Rethinking 'Needle in a Haystack' Security Defenses
7/24/2018In cyber, needles (that is, threats) can disappear quickly, for a variety of reasons, and long often after hackers have completed what they came to do.
Post a Comment
Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Devon Kerr is a principal researcher at Endgame, focusing on detection and response technologies. Formerly a Mandiant incident response and remediation lead, Devon has over 6 years of experience in security professional services where he has worked with clients in a nearly every conceivable industry. He has significant experience helping Fortune 500 organizations with the detection, response, and containment of advanced targeted threat actors and has led large-scale network and application architecture reviews, post-incident strategic planning, and regulatory gap assessments. He has delivered a range of technical presentations for security conferences, industry organizations, and the United States Department of Defense. Prior to his career in information security, Devon spent 15 years in operations roles as a system administrator and network engineer.