I41: A Bundle for Endpoint Hunting Openly
- 15:00
- Thu
- 16 Nov
Stage:
Arsenal 4
Format:
Session
Presenter:
Managing Security Consultant
This session is an introduction to a plugin for Jupyter and Kestrel that hunters can use to hunt on endpoints using osquery. The tool helps hunters and SOC engineers test use cases without overloading production security tools.
The plugin uses Kestrel for regressive hunting and ease of comparing patterns, instead of relying on data lakes, which cost a lot of money and cost even more when used for testing or hunting.