Building a Strong Threat Hunting Program with Andrew Munchbach
Description
Organizations fear adversaries will attack. Threat hunters assume adversaries are already in the system — and their investigations seek unusual behavior that may indicate malicious activity is afoot.
Andrew Munchbach, CrowdStrike’s Global VP, Field Engineering, joins Adam and Cristian in this week’s episode to explore what threat hunting is, how it works, and what makes a good threat hunting program.
As CrowdStrike’s “Chief Reddit Officer”, Andrew also shares how he came to run CrowdStrike’s Reddit account and discusses the platform’s evolving role in communicating with the security community. Now with nearly 20,000 followers, CrowdStrike’s Reddit account is used to share information — from key data on active attacks to weekly threat hunting exercises — with CrowdStrike customers and the general public.