
Talk - Panel

Panel - Streamlining Threat Hunting in Cloud Environments with Jupyter


Threat hunting is an essential cybersecurity practice that involves proactively searching for threats that evade existing security controls. In this session we will explore Jupyter notebooks as a powerful tool for enhancing threat hunting, especially across cloud platforms such as Microsoft Azure and AWS. We will focus on identifying common attack Tactics, Techniques, and Procedures (TTPs) used by threat actors, and we will introduce a Jupyter notebook containing detections mapped to the MITRE ATT&CK framework together with threat hunting methodologies backed by unsupervised machine learning. We will take a look at very large datasets using visualizations to find anomalies; these anomalies are then converted into high-fidelity detections, along with some ideas for extending the hunt to IAM platforms such as Okta. The flexibility of Jupyter notebooks allows machine learning models and statistical techniques to be incorporated to predict and identify potential threats based on historical data. This predictive capability is invaluable for staying ahead of threats.
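As an added illustration of the workflow the abstract describes (not code from the session or its notebook), the following Python mimics the hunt-then-detect loop on a handful of constructed CloudTrail-style records: per-principal behaviour is aggregated, scored without labels using a median/MAD robust z-score (a simple stand-in for the unsupervised model the talk uses), and the resulting outlier is distilled into a deterministic, high-fidelity rule. Field names follow CloudTrail naming; every principal, address and API name is made up.

```python
from collections import defaultdict
from itertools import cycle
from statistics import median


def mk(user, name, ip, err=None):  # one CloudTrail-style record, values constructed
    return {"userIdentity": user, "eventName": name, "sourceIPAddress": ip, "errorCode": err}


EC2_APIS = ["Instances", "Volumes", "Snapshots", "SecurityGroups", "Vpcs", "Subnets",
            "KeyPairs", "Images", "Addresses", "RouteTables", "NatGateways", "InternetGateways"]
EVENTS = (  # constructed sample: four ordinary principals plus one noisy enumerator
    [mk("alice", "ListBuckets", "10.0.0.5"), mk("alice", "GetObject", "10.0.0.5")]
    + [mk("bob", n, "10.0.0.6") for n in ("DescribeInstances", "ListBuckets", "GetObject")]
    + [mk("carol", "ListBuckets", "10.0.0.7"), mk("carol", "GetObject", "10.0.0.7", "AccessDenied")]
    + [mk("dave", n, "10.0.0.8") for n in ("DescribeInstances", "ListBuckets", "GetObject")]
    + [mk("mallory", "Describe" + n, ip, "AccessDenied" if i % 4 else None)  # 12 APIs, 3 IPs, 9 denials
       for i, (n, ip) in enumerate(zip(EC2_APIS, cycle(["198.51.100.9", "203.0.113.4", "192.0.2.77"])))]
)


def aggregate(events):
    """Per-principal feature vector: (distinct APIs, distinct source IPs, AccessDenied count)."""
    acc = defaultdict(lambda: [set(), set(), 0])
    for e in events:
        a = acc[e["userIdentity"]]
        a[0].add(e["eventName"])
        a[1].add(e["sourceIPAddress"])
        a[2] += e["errorCode"] == "AccessDenied"
    return {p: (len(a[0]), len(a[1]), a[2]) for p, a in acc.items()}


def robust_z(values):
    """Median/MAD z-scores: an outlier cannot inflate its own baseline the way mean/std allow."""
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0  # MAD of 0 means no spread; avoid divide-by-zero
    return [0.6745 * (v - med) / mad for v in values]


def hunt(events, threshold=3.5):
    """Unsupervised pass: score every principal and return those far from the crowd (either direction)."""
    feats = aggregate(events)
    names = list(feats)
    per_feature = [robust_z(col) for col in zip(*(feats[n] for n in names))]
    scores = {n: sum(abs(z[i]) for z in per_feature) for i, n in enumerate(names)}
    return {n: round(s, 2) for n, s in scores.items() if s > threshold}


def access_denied_burst(events, min_denied=5, min_ips=2):
    """Deterministic rule distilled from the anomaly: many AccessDenied errors from several addresses."""
    counts, ips = defaultdict(int), defaultdict(set)
    for e in events:
        if e["errorCode"] == "AccessDenied":
            counts[e["userIdentity"]] += 1
            ips[e["userIdentity"]].add(e["sourceIPAddress"])
    return sorted(p for p in counts if counts[p] >= min_denied and len(ips[p]) >= min_ips)
```

Running `hunt(EVENTS)` surfaces only the enumerating principal; `access_denied_burst(EVENTS)` is the rule you would then schedule against the full log volume, since it no longer depends on what the rest of the population looked like that day.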

Tuesday, September 24, 2024 at 8:25:00 p.m. UTC

2:25pm-3:10pm

PIC 233
