TEC Talk: Advanced Hypothesis-Based Threat Hunting with Microsoft Azure Solutions

  • Recorded Date: Mar. 14, 2024
  • Event: On Demand
Seasoned cybersecurity professionals need to be aware that the alerts they receive in their SIEM solutions are not the only threats their organization might be facing at a given time. Both successful exploitations and unsuccessful attempts can stay undetected for months, creating a risk to the company’s cybersecurity posture. In fact, almost 65% of data breaches go undetected!

Hypothesis-based threat hunting can help us tackle this issue by assuming that an incident of some kind has already happened and that the Indicators of Attack/Compromise just need to be uncovered. This way, we can proactively detect threats in our environment and afterwards enhance our detection solutions with the experience gained while hunting for such occurrences.

During this session, Mike Jankowski-Lorek will show you how to:
  • Come up with a good hypothesis tailored for your own environment
  • Create KQL queries based on what we know from the hypothesis
  • Analyze the results to disclose any unwanted activity

Solutions used during this session include (but are not limited to) Microsoft Sentinel, Microsoft 365 Defender, and Azure AD.

Dr. Mike Jankowski-Lorek is a cybersecurity expert, solution architect, consultant, penetration tester and developer with more than 18 years of experience in the field. He designs and implements solutions for organization identity and access, databases, network and security monitoring and management, mainly working in the Microsoft ecosystem for medium to enterprise-level organizations.

Speakers

Dr. Mike Jankowski-Lorek is a cybersecurity expert, solution architect, consultant, penetration tester and developer with a Ph.D. in Computer Science and more than 18 years of experience in the field. He designs and implements solutions for organization identity and access, databases, network, and security monitoring and management, mainly working in the Microsoft ecosystem for medium to enterprise-level organizations. He constantly supports organizations in improving their cybersecurity posture and on their journey to the cloud, working with management and technical personnel to solve issues and mitigate potential threats to the organizations. Since 2007, he has been closely cooperating with the Polish-Japanese Academy of Information Technology in Warsaw, teaching security, database, and data mining-related subjects. As a trainer at CQURE Academy, he delivers training on Windows infrastructure security, hacking of Microsoft ecosystems, cloud solutions, database server security, penetration testing and other topics.
