SMMUG event in Portland ME: Threat Hunting
March 21 @ 4:30 pm - 5:30 pm
CrowdStrike and LogRhythm have partnered to deliver an intense adversary threat hunting program. Learn the latest advanced adversary techniques and latest tradecraft. You will advance your threat hunting skills and methods and take your organization’s ability to detect and hunt to the next level.
Presentation (30 mins) – Cristian Rodriguez, CrowdStrike Sales Engineering Manager
• What is threat hunting, and why is it a critical discipline in today’s security operations center?
• What are the latest tactics and techniques being used by modern adversaries?
• What data and tools do I need to effectively hunt for threats?
• How can I evolve threat hunting from an ad-hoc task to an operational part of my SOC?
Demo (30 mins) – Victor Hogarth, LogRhythm Sales Engineer
• Brief Overview of the LogRhythm Solution in conjunction with CrowdStrike
• Ad-hoc threat hunting via the LogRhythm & CrowdStrike dashboard
• Investigate and triage an alarm triggered via CrowdStrike related to suspicious PowerShell activity
• Perform basic data enrichment (threat IP lookup, contextualization) and automated responses
• Create a case and elevate to an Incident
Cristian Rodriguez, CrowdStrike Sales Engineering Manager
Cristian is a technical sales professional with over 12 years of experience providing consultative sales support and guidance to large enterprise customers, while collaborating with sales executives and partners to develop and architect security solutions. He has expertise in Endpoint Protection, Data Loss Prevention, Web Security Gateway Architecture and Email Security Solutions, in addition to firewall, IPS/IDS, SIEM, malware sandboxing and mobile security solutions.
Victor Hogarth, LogRhythm Sales Engineer
Victor has been an Enterprise Sales Engineer with LogRhythm for the last 3+ years. Prior to coming to LogRhythm, Victor worked at Rapid7 managing their Technology Alliance Program, of which LogRhythm was one of their focus partners. In his pre-vendor life, he was a Network Security Engineer overseeing day-to-day operations of a Boston-based hospital NOC/SOC.
Please join us! There is no charge to attend, and an RSVP is required.
FMI or to RSVP: Tricia@smmug.info
Doors open at 4:00pm