Malicious execution is getting harder to detect. As adversaries work to blend in with legitimate activity, threat hunters need sharper techniques and a stronger understanding of behavior to uncover what traditional detection misses. This Level 2 workshop is designed for those ready to go beyond the basics and take on more complex hunting challenges.
Building on Intel 471’s Level 1 Execution workshop, this session focuses on deeper behavioral understanding and more advanced hunting techniques. You’ll examine how adversaries disguise malicious execution across PowerShell, LOLBins, macro payloads, and scheduled tasks, and apply structured methods to find them. Backed by threat intelligence and real-world telemetry, this interactive session will challenge your process, sharpen your approach, and help you uncover what others miss.
While this workshop builds on the foundation established in our Level 1 Execution workshop, completing that session is not required. However, you can revisit the Level 1 version of this workshop here: https://intel471.com/resources/webinars/threat-hunting-workshop-hunting-for-execution
Lee Archinal
Senior Threat Hunt Analyst, Intel 471
Lee is a U.S. Army veteran. While enlisted, he worked as a network administrator in diverse conditions. Since leaving the military, he has specialized in threat hunting and incident response. At Intel 471, Lee is responsible for developing cutting-edge hunting and detection content for the HUNTER platform.
Jorge Rodriguez
Director of Malware, Intel 471
As the director of the malware research team within the Intel 471 Malware Intelligence team, Jorge dissects malware internals and communication protocols to automate malware tracking. This approach enables real-time detection and tracking capabilities by uncovering full malware configurations, plugins, and commands as they unfold.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.