Kenneth Peeples - Scale Team Threat Hunting with Kestrel as a Service — SecureWV

Threat hunting can be slow and tedious due to the manual steps required. Kestrel is an open source project that provides a language for humans to express what to hunt and a machine interpreter that deals with how to hunt. Although Kestrel improves the time to detect, there are limitations to team capabilities in threat hunting tools and standards. The power of team threat hunting may be able to remove the limitations, therefore, decreasing the MTTD (Mean Time to Detect), achieved by combining Kestrel with JupyterHub hunts with Kestrel huntbooks in order to be persistent and shared by team members.

Join this talk to learn about Kestrel as a Service and standing up an environment quickly.