Title: Drilling Down into the OverWatch Dataset: Threat Hunting in the Oil and Gas Industry
Abstract & Key Takeaways:
Join Michael Wylie and Jessica Lee from CrowdStrike’s Counter Adversary Operations, OverWatch Elite team for a deep dive into threats to the Oil and Gas vertical as seen in the rich OverWatch dataset. We will share insights from OverWatch intrusions, including which adversaries have impacted the Oil and Gas vertical, the techniques they favor, and which tools these adversaries have at their disposal. We will follow these observations by delving into some of the most pressing threats to the industry, including actionable takeaways for you to start hunting for this activity in your environment today.
The CrowdStrike Falcon OverWatch managed threat hunting service is built on the CrowdStrike Falcon platform. Falcon OverWatch’s mission is simple — to augment technology-based defenses with 24/7/365 human-led analysis to uncover attempts to subvert automated detection controls. As part of the Counter Adversary Operations’ defensive unit, Falcon OverWatch actively partners with CrowdStrike Intelligence at the cutting edge of the threat landscape. Counter Adversary Operations combines telemetry, tooling, threat intelligence and human ingenuity to enable threat hunters to uncover even the most sophisticated and stealthy threats — raising the cost for adversaries and leaving them with nowhere to hide.
Michael Wylie, Director, OverWatch Elite, CrowdStrike
Jessica Lee, Senior Threat Hunter, OverWatch Elite, CrowdStrike
After successfully selling his boutique cybersecurity-consulting firm, Michael Wylie transitioned into the role of Director of Cybersecurity Services at a prominent accounting firm ranked among the top 100. During his tenure, Michael was responsible for managing all aspects of cybersecurity service delivery acting as a vCISO, gaining invaluable experience in diverse areas of divisional leadership. This encompassed leading teams of security engineers, coordinating penetration tests, and overseeing incident management for clients across various industries on a global scale. Currently, Michael is at the forefront of preventing data breaches by spearheading a unique global team of elite threat hunters, catering to the cybersecurity needs of organizations worldwide.
Jessica Lee is dedicated to helping customers detect and disrupt advanced adversary activity as a Senior Threat Hunter on the Counter Adversary Operations team at CrowdStrike. Jessica has 9 years of experience in the cybersecurity industry, with expertise in both threat hunting and cyber threat intelligence. Prior to her current role with CrowdStrike, Jessica helped to build threat intelligence capabilities at two global organizations, one being an oil and gas supermajor and the other a global financial organization with a focus on investments and insurance. Jessica is a co-author of the CrowdStrike research paper “8 LOLBins Every Threat Hunter Should Know” and has presented at several industry conferences and to a variety of information sharing groups. She holds the GIAC GCFA, GCIA, GCTI, and GSEC certifications.