forensic state analysis threat hunting

Webinar: Forensic State Analysis – A New Approach to Threat Hunting

This post was last updated on August 7th, 2019 at 03:29 pm

If an attacker had a foothold in your network today, would you know it?

Webinar Overview

Whether your defenses were successfully evaded or an analyst misinterpreted a critical alert, chances are the attacker has entrenched themselves for the long haul. The act of searching for these well-hidden and persistent threats is called threat hunting.

In this recorded webinar, threat hunters from the SANS Institute and Infocyte discuss how to adapt Digital Forensics & Incident Response (DFIR) techniques to proactively hunt for unknown threats across an entire enterprise network. This approach is called Forensic State Analysis (FSA). Ultimately, FSA arms hunters with an effective and efficient methodology to hunt without relying solely on sophisticated security infrastructure, sensors, or big data.


About The Speakers

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT, and CTT+ certifications.

Chris Gerritz

Chris Gerritz is a co-founder of Infocyte, a developer of endpoint threat hunting solutions focused on breach discovery and interactive network defense. Chris is a pioneer in defensive cyberspace operations having previously established and led the U.S. Air Force’s first Enterprise-scoped Hunt Team. In this role, he led a team of 28 operators and analysts tasked with finding, tracking, and neutralizing state-sponsored threats on the Air Force’s $2B, 800k node enterprise network. He personally conducted and/or oversaw 350+ adversarial hunt and rapid response missions on networks throughout the world. Chris holds a B.S. in Electrical & Computer Engineering from Oregon State University.

View Webinar



  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.
Posted in