Threat Hunting Summer Camp

background image

Join us for Threat Hunting Summer Camp!

Over the next 12 weeks, RiskIQ experts will host virtual threat hunting workshops that will fortify both your skillset and toolset for this new age of cybercrime. From the comfort of home, you'll become an expert with PassiveTotal, RiskIQ's Threat Hunting Platform, joining the tens of thousands of security analysts who have relied on it to battle the spike in cybercrime related to the COVID-19 pandemic and presidential election.

The unique data sets in PassiveTotal were collected from RiskIQ's web crawling on a massive scale, intelligently correlated to help analysts work quicker and increase their output tenfold. Register, and by the end of camp, you'll wield RiskIQ's internet-wide visibility and leave your adversaries nowhere to hide.

Throughout the summer, our sessions will feature special guests from our RiskIQ Interlock Program Partners, including CrowdStrike and Splunk.

Topics Include:

  • Intro to Threat Infrastructure Analysis
  • Are You Asking the Right Question of the Data?
  • How to Pivot Between Multiple Threat Datasets to Isolate Attacker Infrastructure
  • Enhanced Context via Web Crawling
  • Use Cases – Hands-On Exercises and Investigations
  • Common Analyst Pitfalls
  • Hands-On Exercises
  • Receive 2 CPE credits.*

*Certificates for completion are distributed for attending the entire workshop


August 13th10:00 a.m. - 12:00 p.m. PDTFeaturing Interlock Partner: CrowdStrike
August 19th10:00 a.m. - 12:00 p.m. PDTRiskIQ Exclusive
ScamNation threat report coauthors will lead this session, explaining the process and techniques used to link seemingly unassociated elements to build the report’s explosive narrative about a massive COVID-19 scam ecosystem.
August 27th10:00 a.m. - 12:00 p.m. PDTRiskIQ Exclusive
In this session, RiskIQ researchers will demonstrate how they used RiskIQ PassiveTotal to connect a cookie associated with a "Chinoxy" malware sample with a range of known threat actors, as well as uncovered an entire network of new, unknown threat infrastructure.
Cookie Land, Vulnerability investigation, Covid-19 Relief Investigation
September 2nd10:00 a.m. - 12:00 p.m. PDTRiskIQ ExclusiveMobile App & Phishing Investigations
September 10th10:00 a.m. - 12:00 p.m. PDTRiskIQ ExclusiveI3 Advanced Investigation takedown Q&A
September 24th10:00 a.m. - 12:00 p.m. PDTFeaturing Interlock Partner: SplunkSplunk Integration
October 8th10:00 a.m. - 12:00 p.m. PDTRiskIQ Exclusive
October 22nd10:00 a.m. - 12:00 p.m. PDTRiskIQ ExclusiveMobile Application Investigation
October 29th10:00 a.m. - 12:00 p.m. PDTJournalists and cybersecurity researchers working on behalf of civil society are battling a wave of cyberthreat and misinformation campaigns surrounding the U.S. election.

In this session we’ll look at known infrastructure to uncover broader misinformation campaigns. Guest journalists will demonstrate how they used RiskIQ PassiveTotal to uncover real misinformation campaigns.

Interested in attending?