Skip to main content

Cyberchess LV

Workshop: Threat hunting with VirusTotal

Date: October 1, 2024

Threat hunting is one of the most powerful techniques to proactively uncover and neutralize threats. While it has traditionally been a blend of science and intuition, we witnessed a surge of innovative tools and techniques that can significantly enhance its effectiveness. In this hands-on workshop, we will explore how to effectively use new and traditional techniques including: Identify, monitor and get full context of malicious campaigns. Effective semi-automated YARA generation. Netloc hunting. Similarity analysis. Understanding and leveraging AI engines for code analysis. Tackling large datasets.

Throughout the workshop, you will engage in practical exercises and real case studies, equipping both seasoned and new hunters with practical knowledge to find and monitor all kinds of real threats.

Conference: From AI to Emulation: Innovations and Applications

Date: October 2, 2024

During the session we will see how, through the use of AI and behaviors extracted from sandboxing and intelligence services such as VirusTotal, emulations can be created that help different teams such as blue teams, detection engineering teams and purple teams to improve the gaps in detection.

We will take several examples to see the different results we have obtained, the pros and cons and how this approach can be improved in the future.

We will share the results obtained and also the tools and techniques that we have used to carry out this research.