SANS Digital Forensics and Incident Response Blog

SANS Threat Hunting and Incident Response Summit - Call For Presentations


Call for Speakers- Now OpenDFIR_B2.1_newicon

Summit Dates: April 18-19, 2017
Call for Presentations Closes on 21 October 2016
Apply here:

The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS and our advisory partner Carbon Black are pleased to invite you to the Summit where you will have the opportunity to directly learn from and collaborate with incident response and detection experts who are uncovering and stopping the most recent, sophisticated, and dangerous attacks against organizations.

Chances are very high that hidden threats already exist inside your organization's networks. Organizations can't afford to assume that their security measures are impenetrable, no matter how thorough their security precautions might be. Prevention systems alone are insufficient to counter focused human adversaries who know how to get around most security and monitoring tools.

The key is to constantly look for attacks that get past security systems, and to catch intrusions in progress rather than after attackers have attained their objectives and done worse damage to the organization. For the incident responder, this process is known as "threat hunting." Threat hunting uses known adversary behaviors to proactively examine the network and endpoints and identify new data breaches.

If you are interested in presenting or participating on a panel, we'd be delighted to consider your Threat Hunting-focused proposal with use cases and communicable lessons. We are looking for presentations from both the intelligence producer and the intelligence consumer fields with a focus on topics that will be directly relatable and applicable to the summit audience.

The Threat Hunting and Incident Response Summit offers speakers opportunities for exposure and recognition as an industry leader. If you have something substantive, challenging, and original to offer, you are encouraged to submit a proposal.

CFP submissions should detail how the proposed Threat Hunting and Incident Response case study, tool or technique can be utilized by attendees to increase their security posture. All Threat Hunting and Incident Response Summit presentations will be 30 minutes with 5 minutes for questions.

We are looking for Threat Hunting and Incident Response Presentations that focus on:

1. The effectiveness of threat hunting in reducing the dwell time of adversaries
2. Threat hunting — Buzzword or Actionable Strategy
3. Automated threat hunting: Fact or fiction
4. Threat hunting tools, tactics, and techniques that can be used to improve the defense of your organization
5. Case studies on the application of threat hunting to security operations
6. Innovative threat hunting tactics and techniques
7. New tools that can help threat hunters