HAPPY THREAT HUNTING
Musings on building a kickass threat hunting program
GETTING STARTED
My Roots
In 9th grade I took a test to predict the career I would have in the future based on my aptitudes. I slightly laugh now at the idea given my current career didn't even exist when I graduated college. On the test, I scored high in one area in particular - "abstract reasoning". According to study.com, abstract reasoning refers to the ability to analyze information, detect patterns and relationships, and solve problems on a complex, intangible level. It is the ability to quickly identify patterns, logical rules and trends in new data, integrate this information, and apply it to solve problems. In 9th grade, this meant nothing to me.
Fast forward past my software engineering days to my days at Mandiant where I learned incident response. Finding patterns and relationships that identified attacker activity became my sweet spot and for the first time abstract reasoning as an aptitude made sense.
Recently I have become rather obsessed with the larger and complex problem of developing elite blue team ecosystems within organizations.
Organizations Worth Supporting
Women in Security and Privacy (WISP) advances women to lead the future of privacy and security.
Education: Help women identify and achieve the level of education and skills required to succeed in security and privacy positions across multiple industries.
Mentoring & Networking: Foster a community for knowledge-sharing, collaboration, mentorship, and networking.
Advancement: Support the career advancement of women in security and privacy.
Leadership: Increase thought leadership by women in security and privacy.
Research: Conduct independent research related to recruitment, retention, and advancement of women in security and privacy.
Electronic Frontier Foundation
The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development.
