“Pretty” Easy Threat Hunting
2021-06-12, 14:30–14:55, Track 2

Has your organization started threat hunting but is in need of help to operationalize it into a more efficient process? This talk is geared towards teams that want to take their threat hunting to the next level. We will use pre-built templates in the form of notebooks to not only help with the hunt but also prepare the results for digestion by leadership.

Threat hunting is the most talked about subject in security operations. The concept of proactively looking for threats is nothing new. This talk is meant to help organizations that are already performing routine threat hunts to maximize their capabilities. We will look at how to leverage Python, Jupyter notebooks, and other tools to not only make threat hunting easier but also “pretty”, as one of the biggest gaps we see in threat hunting is how to show value to executives and others within their organizations. We will provide examples of how to create templates and reporting to easily build a repeatable process that highlights the efforts of your internal teams.

Nick Sweet is a Certified Information Systems Security Professional (CISSP) with more than 10 years of experience in public and private sector cybersecurity and risk management. His areas of expertise are in security operations, penetration testing, network security, and risk management.

Prior to joining Avertium, Nick led incident response, threat intelligence, and vulnerability management at Nielsen, led organizational change across the Department of Energy regarding full disk encryption adoption at the Oak Ridge National Laboratory, and worked at the University of Tennessee’s statewide education system as a senior security analyst.

With a genuine passion for cybersecurity and leadership, Nick enjoys working with his teams to improve customers’ security posture by challenging their established norms.