I41: A Bundle for Endpoint Hunting Openly

  • 15:00
  • Thu
  • 16 Nov
Stage:
Arsenal 4
Format:
Session

Presenter:

This session introduces a plugin for Jupyter and Kestrel that hunters can use to hunt on endpoints using osquery. The tool helps hunters and SOC engineers test use cases without overloading production security tools.

The plugin uses Kestrel for regressive hunting and ease of comparing patterns, instead of relying on data lakes, which cost a lot of money and cost even more when used for testing or hunting.
