A|C — Beacon Analysis – The Key to Cyber Threat Hunting | Chris Brenton

Want to level up your threat-hunting knowledge? Take our FREE, hands-on threat hunt training course: https://www.activecountermeasures.com...

00:00 - PreShow Banter™ — Powered by Coal
05:17 - PreShow Banter™ — Creepy Doll
06:49 - PreShow Banter™ — Meet the Crew
08:21 - PreShow Banter™ — Malware of the Day
09:27 - PreShow Banter™ — Company Shirts
12:25 - PreShow Banter™ — Florida Wild Kingom
15:34 - FEATURE PRESENTATION: Beacon Analysis - The Key to Cyber Threat Hunting
15:51 - Why look for Beacons?
19:25 - The Purpose of Threat Hunting
20:50 - What is a Beacon?
27:55 - Beacon Detection based on Timing
33:38 - Beacon Detection based on Session Size
40:25 - Potential False Positives
44:08 - DEMO: Example Hunt
52:15 - How do you practice?
55:38 - QnA

Video Description: Beacon analysis is by far the most effective method of threat hunting your network. In fact, I would argue that if you are not checking your network for beacon activity, you have a huge gap in your defenses that attackers will happily leverage.

In this webcast, Chris Brenton will discuss the anatomy of beacons and why you need to be looking for them during a threat hunt. He also talks through the challenges of detecting beacons, and some tricks you can use.


Active Countermeasures Socials
Twitter:   / activecmeasures  
LinkedIn:   / active-countermeasures  
Discord:   / discord  

Our Threat Hunting Tool ~ AC-Hunter (Formally AI-Hunter)
Features - https://www.activecountermeasures.com...
Interactive Demo Space - https://www.activecountermeasures.com...

Active Countermeasures Open-Source Tools
https://www.activecountermeasures.com...

Educational Threat Hunting Content
FREE 6-Hour Threat Hunt Training: https://www.activecountermeasures.com...
Active Countermeasures Blog: https://www.activecountermeasures.com...
Active Countermeasures YouTube:    / activecountermeasures  

Learn Threat Hunting Skills from Antisyphon Training
Entry-Level (Pay-What-You-Can): https://www.antisyphontraining.com/pa...
Advanced: https://www.antisyphontraining.com/ad...

Active Countermeasures Shirts
https://spearphish-general-store.mysh...

Our Tribe
Black Hills Infosec: https://www.blackhillsinfosec.com/
Wild West Hackin' Fest: https://wildwesthackinfest.com/
Antisyphon Training: https://www.antisyphontraining.com/