PowerShell Threat Hunting with Infocyte’s Chris Gerritz at BSides Las Vegas

The failure of automated prevention and detection technologies to stop malware from breaching defenses, coupled with a disappearing perimeter, opens the door for active threat hunting to become an increasingly important skill among network defenders.

Threat hunting is the practice of searching for badness and unauthorized activity on our own systems or network. By knowing what is normal in our networks and what adversaries are capable of, the hunter can identify malware, signs of unauthorized activity, and indicators of compromise lurking within.

In this videotaped session presented at BSides Las Vegas this August, PowerShell-Fu – Hunting on the Endpoint, CEO Chris Gerritz explores how to hunt for malware and compromises on Windows endpoints using built-in PowerShell commands and scripts. He shows how to validate what is running on your systems and how to identify some of the tell-tale signs that you have been penetrated. The skills demonstrated are useful on your own local system or remotely against hundreds or even thousands of systems.

Watch the BSides Las Vegas Session on PowerShell-Fu – Hunting on the Endpoint Now
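As an added example of the kind of validation the session describes (this is not code from the talk or from Infocyte), the following PowerShell function lists running process images whose Authenticode signature does not verify or that execute from user-writable directories, and can be pointed at remote hosts over WinRM with Invoke-Command. The function name and the heuristics are my own assumptions; it assumes Windows PowerShell 5.1 or later and, for full coverage, an elevated session.

```powershell
# Added example, not from the session: flag process images that fail
# signature validation or run from locations legitimate software rarely uses.
function Get-SuspiciousProcessImage {
    [CmdletBinding()]
    param(
        # Remote hosts to inspect over WinRM; omit to inspect the local system
        [string[]]$ComputerName
    )

    $scan = {
        # Directories a normal user can write to; evaluated on the host being scanned
        $writable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC)

        # Path is $null for protected processes when not elevated, so skip those
        Get-Process | Where-Object { $_.Path } | Group-Object Path | ForEach-Object {
            $path = $_.Name
            $sig  = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
            $status = if ($sig) { $sig.Status } else { 'Unreadable' }   # image deleted or locked

            $reasons = @()
            if ($status -ne 'Valid') { $reasons += "signature:$status" }
            if ($writable | Where-Object { $path.StartsWith($_, 'OrdinalIgnoreCase') }) {
                $reasons += 'user-writable location'
            }

            if ($reasons) {
                [pscustomobject]@{
                    Computer = $env:COMPUTERNAME
                    Path     = $path
                    Pids     = ($_.Group.Id -join ',')
                    Signer   = $sig.SignerCertificate.Subject
                    Sha256   = (Get-FileHash -Path $path -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
                    Reasons  = ($reasons -join '; ')
                }
            }
        }
    }

    if ($ComputerName) {
        # Runs the same script block on each remote host and returns the objects here
        Invoke-Command -ComputerName $ComputerName -ScriptBlock $scan
    } else {
        & $scan
    }
}

# Local run; pass -ComputerName host1,host2 to sweep remote systems
Get-SuspiciousProcessImage | Format-Table -AutoSize
```

Unsigned does not mean malicious (many in-house tools are unsigned), so treat the output as a triage list to compare against what is known to be normal on that host, and pivot on the SHA256 to check the same image across the fleet.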

