FloCon 2017 has ended
Wednesday, January 11 • 10:00am - 10:30am
Next Generation Incident Response: Tools and Methods for Hunting and Responding to Advanced Threats


The cyber threat landscape is constantly shifting. Attackers continually develop new tactics, tools, and procedures (TTPs) to breach and gain entry into systems. This requires incident response teams to adapt and respond to these agile and dynamic threats on a daily basis. The National Cybersecurity and Communications Integration Center's (NCCIC) Hunt and Incident Response Team (HIRT) is the primary source of agile and dynamic incident response and hunt services to the entire federal network space. In this capacity, HIRT must assess and adapt to the myriad operational hurdles caused by the dynamic nature of the adversary and the uniqueness of every client network it deploys to. NCCIC HIRT achieves this adaptation in two ways. First, a sound methodology for ad hoc deployment to client networks must be established. This methodology serves as the foundation for all hunt and incident response operations. Second, data from disparate sources must be integrated and correlated. Host-based, network flow, infrastructure device, and intelligence sources must all be used in conjunction with one another to achieve success in the field. NCCIC HIRT must use custom hardware and software solutions, with accompanying analysis and deployment methodologies, for all components of the mission to work seamlessly. Next generation incident response kits and accompanying methodologies and workflows have been developed to combat this constantly changing threat landscape.


Casey Kahsen

Northrop Grumman
Casey has over 7 years of experience in digital forensics and cyber operations. He has been supporting the Department of Homeland Security with Northrop Grumman for over two years. During this time he has supported projects including cyber hygiene and threat reporting, automated indicator...

David P Zito

Senior Incident Response Analyst, Northrop Grumman
David graduated from Longwood University in 2007 with a Bachelor’s Degree in Computer Science.  He went on to receive his Master’s Degree in Cyber Security from University of Maryland University College in 2013.  In addition to his degrees, David also holds the GIAC Certified...

Wednesday January 11, 2017 10:00am - 10:30am PST
Great Room V-VIII 7450 Hazard Center Dr.