ITU's 160 anniversary

Committed to connecting the world

Practical Cyber Threat Hunting

​​​​​​​​​​< Back to the main ITU 2020 Global CyberDrill page​

ONLINE TRAINING





Thursday 19 November 2020​


14:30-17:00 CET​​
13:30-16:00 GMT


Speakers​​

Live
Captioning
Archive


Registration: Training Sessions


Remote participation Registered user only


DESCRIPTION OF THE TRAINING​


Cyber Threat Hunting Workshop provided participants with an overview of how activities are usually carried out daily in hunting threat actors, and also how to use threat intelligence as one of the datasets in carrying out the hunting process. In this workshop, participants discussed fundamental things and received introduction about threat hunting, threat hunting framework, Detection Engineering, Threat Hunting Use Case, Threat intelligence and Honeypot.

Threat hunting is a process that focuses on activities that are repeated in nature, by taking an approach to identify and understand threat actors who may have exploit and infiltrate your network and your infrastructure. Threat Hunting is a proactive cyber defense approach using presumption of compromise mindset. This assumption is that threat actors are already in your environment, despite your best efforts to prevent them. Threat hunting activities look at indicators, look for anomalous behaviour in your system, and try to create hypotheses about how a threat actor is able to enter your system environment. Thus, you can predict, or see possible loopholes that can be done by threat actors.

Threat Hunting is often confused with Threat Intelligence, even though these two things are closely related to one another. Threat intelligence in this case is a platform that can be used as evidence-based research which aims to find indicators of a threat actor based on information from various threat intelligence feeds. Therefore, in their activities, Threat Hunting may actually provide a feed to the threat intelligence platform for an unknown attack indication, or even vice versa, in threat hunting activities, threat hunters use threat intelligence as their weapon to carry out the hunting process.





TRAINER


Digit Oktavianto is a Cyber Security Professional with 10+ Years Experience. Born as Blue Team. Currently Focusing on DFIR Area, Threat Hunting, Threat Intelligence, Threat Attribution, Malware Analysis, Security Operation Center Development and SOC Maturity Assessment. Currently he manages a cyber security consulting firm in Jakarta. In his previous roles, Digit focused on the Security Operation Center where he started the career in the blue team area. His experience in SOC built his skill and knowledge from incident response, digital forensic investigation and threat hunting process. Within this role, he has a good experience on Managed Security Services (MSS) projects, Security Operation Center, operate and maintain SIEM tools, and also conducted DFIR tasks for many customers.
He loves doing malware analysis and reverse engineering and doing this activity as a hobby in spare time. During his free time, Digit also played Blue Team Capture The Flag competition such as OpenSOC CTF, SANS Netwars Defense CTF, and Digital Forensic CTF. He conducts several Cyber Security Training such as Security Monitoring, Incident Response, Digital Forensics, Threat Hunting, Malware Analysis, Threat Intelligence, Penetration Testing & Vulnerability Assessment for various organizations.