Workshop

Kai Iyer

Senior Security Engineer

EY Canada

Kai is a Senior Security Engineer at EY's Cyber Threat Management team and manages Applied Machine Learning Research and Security Engineering. He holds multiple certifications and has extensive knowledge in various domains, including Web-App Development, Data Science, Incident Response, DevSecOps and Purple Teaming. He is also an advocate for open source software and data privacy. He dreams of a world where no one clicks on phishing e-mails.

Threat Hunting with Jupyter Notebooks

Are you interested in threat hunting and want to learn how to automate detections and use visualizations to find threats quickly? This workshop will outline detection and threat-hunting strategies that a SOC could adopt promptly to look for threats in their endpoint environment. We will introduce how to convert SIGMA logic detections mapped to the MITRE ATT&CK framework into Python using Jupyter Notebooks. Once these detections are built, you can parse large amounts of data from Sysmon and Windows Security logs to create high-fidelity detections within your environment. We will view and mould this data using the tabular format and visualizations. Doing this will show how visualizations establish relationships between entities more distinctly, making anomalies and threats easier to see. We will also discuss how you can extend this hunt to network and cloud environments. As a final piece to this workshop, we will allow participants to try out the skills learned by answering questions about the anomalies and threats they find within the dataset. Although this talk will be technical, we welcome anyone with an interest in learning about threat hunting to attend.
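To make the "SIGMA logic into Python" step concrete, here is an added example that is not part of the workshop materials or of the Sigma project: a minimal evaluator for a Sigma-style rule (the `selection`/`filter` map with the `contains`, `startswith`, `endswith` and `all` modifiers, and a `selection and not filter` condition) run over a handful of constructed Sysmon Event ID 1 process-creation records. The rule, its title and the events are illustrative inventions for this example, and a real rule would be loaded from YAML rather than written inline; the ATT&CK tag follows the Sigma tagging convention. The point a hunter takes from it is that each detection becomes a plain function over a list of dicts, so the hits can be handed straight to a table or a plot in a notebook.

```python
"""Evaluate a Sigma-style detection over constructed Sysmon process-creation events."""
from collections import Counter
from typing import Any, Dict, List

# Constructed, illustrative rule in Sigma's structure (hypothetical title/values).
RULE: Dict[str, Any] = {
    "title": "Encoded PowerShell launched outside the approved admin tool (illustrative)",
    "tags": ["attack.execution", "attack.t1059.001"],
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains|all": ["-enc", "-nop"],
        },
        "filter": {
            # Hypothetical allow-listed parent; replace with what your environment vets.
            "ParentImage|endswith": "\\approved_admin_tool.exe",
        },
        "condition": "selection and not filter",
    },
}

# Constructed Sysmon Event ID 1 records (field names as Sysmon emits them).
EVENTS: List[Dict[str, Any]] = [
    {"EventID": 1, "User": "CORP\\alice",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe"},
    {"EventID": 1, "User": "CORP\\bob",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -ExecutionPolicy Bypass -File deploy.ps1",
     "ParentImage": "C:\\Windows\\explorer.exe"},
    {"EventID": 1, "User": "CORP\\svc-admin",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -nop -enc UwB0AGEAcgB0AA==",
     "ParentImage": "C:\\Tools\\approved_admin_tool.exe"},
    {"EventID": 1, "User": "CORP\\alice",
     "Image": "C:\\Windows\\System32\\notepad.exe",
     "CommandLine": "notepad.exe notes.txt",
     "ParentImage": "C:\\Windows\\explorer.exe"},
]


def _match_value(value: Any, pattern: str, modifiers: List[str]) -> bool:
    """Match one field value against one pattern; Sigma string matching is case-insensitive."""
    if value is None:
        return False
    v, p = str(value).lower(), pattern.lower()
    if "contains" in modifiers:
        return p in v
    if "startswith" in modifiers:
        return v.startswith(p)
    if "endswith" in modifiers:
        return v.endswith(p)
    return v == p


def match_map(event: Dict[str, Any], search_map: Dict[str, Any]) -> bool:
    """All fields in a Sigma map must match; list values are OR unless '|all' is given."""
    for key, patterns in search_map.items():
        field, *modifiers = key.split("|")
        if not isinstance(patterns, list):
            patterns = [patterns]
        hits = [_match_value(event.get(field), p, modifiers) for p in patterns]
        if not (all(hits) if "all" in modifiers else any(hits)):
            return False
    return True


def evaluate(rule: Dict[str, Any], events: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Apply the rule's condition ('selection' or 'selection and not filter') to each event."""
    det = rule["detection"]
    condition = det["condition"].replace(" ", "")
    if condition not in ("selection", "selectionandnotfilter"):
        raise ValueError(f"condition not supported by this toy evaluator: {det['condition']}")
    hits = []
    for event in events:
        if not match_map(event, det["selection"]):
            continue
        if condition == "selectionandnotfilter" and match_map(event, det["filter"]):
            continue
        hits.append(event)
    return hits


def summarize(hits: List[Dict[str, Any]]) -> Dict[str, int]:
    """Count hits per user/parent pair, the kind of table a notebook would plot next."""
    return dict(Counter(f"{h['User']} <- {h['ParentImage']}" for h in hits))


if __name__ == "__main__":
    found = evaluate(RULE, EVENTS)
    print(RULE["title"], RULE["tags"])
    for row in found:
        print(row["User"], row["CommandLine"])
    print(summarize(found))
```

Only the first event survives: the second lacks `-enc`, the third is caught by the filter because its parent is the allow-listed tool, and the fourth is not PowerShell. Dropping the filter map into a table of user and parent pairs is exactly where a hunter starts looking for the outliers the workshop describes, and a real notebook would swap the inline list for a DataFrame built from an EVTX or SIEM export.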