Suz Hinton
Podcast Appearances
Ten seconds, and then it self-destructs. Yeah, like private institutions. So, for example, CrowdStrike threat hunters are actually threat hunters for hire, so they work with companies directly. And, you know, if you look at the product offering online, it's called Overwatch.
There are different tiers of it where they'll even give you, you know, briefings on the latest threats to look out for and things to maybe specifically look at for your industry, even. So, you know, if this company is in the financial tech industry and they're working with CrowdStrike, the Overwatch team, the threat hunters, can, you know, give actual briefings on what they're seeing as trends in that
financial industry, based on attacks on other companies that are similar to them. And so the threat hunters do a lot of different services. And so it's going to depend on whether you're in the private or public sector as to what tools you use as well. So I'm sure that there are teams that use Jira to keep track of intrusions and dump a bunch of data in there.
But I think that a lot of these tools tend to be very proprietary. And so, you know, they've been designed and developed and incrementally, you know, improved based on the specific kind of work that these threat hunters are doing at their institution. That's all I can say.
It's exactly the same as coding, really. I think if you know what you want to do in cybersecurity, such as threat hunting specifically, or forensics, or something related to that, I think that makes it a lot easier. What you can do is just try and look online for resources, for free resources, or you can actually enroll in...
some certification programs as well, which will give you the foundation so you kind of know where to go from there. And obviously, taking part in CTFs, like the Code Breaker CTF that NSA puts out, the National Security Agency of the United States. You know, we all can have complicated feelings about that company. I just want to sort of, like, you know, preempt that.
But they have a CTF every year called Code Breaker, and it's a reverse engineering competition. And that's where I sort of got the fidget spinner from, because I took part in it and I sort of placed at a certain level to get a fidget spinner. But that particular CTF I would recommend for threat hunters because it's
There's a sort of fictional narrative they put out as part of the CTF, and they keep drip-feeding you all of this additional evidence of a breach, and you're supposed to unwind what happened. And so the one that I participated in, they were giving you everything from compromised Docker containers to network logs to, yeah, like Wireshark PCAP dumps showing network traffic.
And so you had to reverse engineer a bunch of binary executables. You had to figure out how the Docker container got compromised, then you had to reverse engineer the protocol that the threat actors were using on the network, and then you had to kind of then hack back into their computer to find further evidence, you know. And I think being able to sift through evidence like that is probably the best skill to practice when it comes to wanting to get into that side of cybersecurity.