Threat Hunting with Carbon Black and Surveyor

Performing data analysis at scale is no simple task.

Michael Haag, Red Canary’s Director of Advanced Threat Detection & Research, walks through how to use Carbon Black Response and Surveyor to operationalize threat hunting and find evil across an enterprise.

Viewers will learn how to:

Use Surveyor to baseline an environment
Translate hunts into detection criteria
Manage watchlists and feeds at scale

Related Resources

Events & Webinars| Linux security

Chain Reactor: Adversary Simulation on Linux

Articles| Detection and response

Testing adversary technique variations with AtomicTestHarnesses

Articles| Detection and response

Detection validation: going atomic on false negatives

Articles| Atomic Red Team

Breaking into infosec and learning new skills with Atomic Red Team

Events & Webinars•Threat hunting
Michael Haag•

Threat hunting at scale using Carbon Black Response + Surveyor

Performing data analysis at scale is no simple task.

Related Resources

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.

Events & Webinars•Threat hunting Michael Haag•

Threat hunting at scale using Carbon Black Response + Surveyor

Performing data analysis at scale is no simple task.

Related Resources

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.

Events & Webinars•Threat hunting
Michael Haag•