Hunting for CONTI: TTPs Not IOCs | Intel 471 Skip to content

Hunting for CONTI: TTPs Not IOCs

Homepage Hero

The Conti ransomware is one of the most well-known and feared ransomware operations around, primarily because of their prolific targeting and ruthless efficiency. This has left many organizations, security teams and government agencies struggling to keep up. One of the primary challenges these groups face is that they are frequently relying solely or largely on simple IOCs for reactive retroactive protection, not proactive defense.

Join Intel 471's Scott Poley as he goes into a live threat hunt for the Conti ransomware using the latest threat intelligence reporting, and the very real pitfalls organizations face in trying to operationalize this data.

Then, Scott will take participants on a live threat hunt to demonstrate how organizations can begin to implement forward-looking defense by moving beyond IOCs, better operationalize existing threat intelligence reporting, and use the adversary's own actions against them to help organizations detect threats early in the attack lifecycle!

Participants of this special 30 minute session will experience:

  • An overview of the Conti ransomware threat, including recent geopolitical developments, and the implications these events have had on Conti.
  • A brief overview of the how existing threat intelligence reporting can often fall short, leading organizations to focus on the past and not the forward-looking defense they need.
  • A live hands-on-keyboard hunt for the Conti ransomware that demonstrates how existing threat intelligence reporting often isn't enough, and what organizations can do to take their security and intelligence to the next level.
  • A way forward for the industry that stresses proactive defense over continually growing and outdated lists of fragile indicators.
  • Exclusive FREE access to behavioral hunt content for the Conti ransomware and many others!

Watch the Webinar

CTA Background