Agenda

Get ready for an action-packed day at Hunt Club! Our customer-focused sessions will help you get the most out of the Vectra platform. From technical deep dives to practical tips, you'll walk away with insights you can put into action.

The 2025 agenda is coming soon, but in the meantime, check out our 2024 lineup to see what’s in store. And don't worry—both locations will feature the same great content, so you won’t miss a thing!

Our 2024 Agenda

12:00 pm - 1:00 pm
Welcome Lunch

Join us for a welcome lunch before we kick off Hunt Club 2024 with our dedicated training day!

1:00 pm - 1:15 pm
Hunt Club Kick-off
Speaker: Hitesh Sheth, CEO of Vectra AI

Please join our CEO, Hitesh Sheth, for our event kick-off!

1:15 pm - 1:30 pm
Training Day Introduction
Speaker: Oliver Tavakoli, CTO of Vectra AI

Before heading into your training sessions, get a quick overview of our foundational and advanced tracks so that you know which breakout to join!

1:30 pm - 3:00 pm
Training Day Fundamental Track: Mastering Cybersecurity Investigations: A Deep Dive into Advanced Threats with Vectra AI
Speakers: Alex Groyz, Technical Marketing Manager & Arpan Sarkar

Immerse yourself in a comprehensive workshop that guides you through an end-to-end investigation utilizing the Vectra AI platform. This hands-on experience will equip you with the skills to dissect a realistic advanced attack spanning network, cloud, and SaaS environments. Throughout the session, you'll familiarize yourself with key platform features crucial for understanding the attack's scope, discerning adversary motives, and mastering techniques to effectively thwart their actions. Join us in this immersive exploration, where you'll gain valuable insights and practical knowledge for navigating the complexities of cybersecurity investigations.

3:00 pm - 4:30 pm
Training Day Fundamental Track: Securing your Hybrid Networks with Vectra AI’s MDR Team
Speaker: Tony Martinez, MXDR

Attackers are taking advantage of hybrid environments, and we know how to stop them. In this session, Vectra MDR analysts will walk through a scenario that starts with a phish and demonstrates how it can quickly spread to hybrid networks. The audience will learn how to identify the attacker activity leveraging Vectra products and why visibility into hybrid environments is critical. The session will also demonstrate how to triage and respond to malicious activity in hybrid environments.

1:30 pm - 3:00 pm
Training Day Advanced Track: What’s Lurking in Your Network Metadata? Go Hunting!
Speakers: Cyrille Franchet, Security Engineering & Fabien Guillot

Unlock the secrets hidden within your network with this training session. Dive into the invaluable realm of Vectra Metadata and discover the untapped potential it holds for threat hunting. This session goes beyond mere detections, empowering participants to comprehend the intrinsic value of network metadata. Learn the art of advanced hunting use cases, equipping yourself to proactively seek out both known and unknown threats. Join us for an immersive experience that unveils the power of leveraging network metadata to stay one step ahead in the ever-evolving landscape of cybersecurity.

3:00 pm - 4:30 pm
Training Day Advanced Track: GET vectra/api/epic_stuff
Speakers: Dale O'Grady & Fabien Guillot

Embark on a transformative journey into Vectra's API realm and elevate your proficiency to new heights! This interactive session is designed to empower you with hands-on experience, guiding you through the intricacies of utilizing Vectra's API and seamlessly interfacing with the platform programmatically. Beginning with foundational concepts, we will swiftly progress to explore advanced, real-world use cases that are bound to ignite your creative potential. Join us in this immersive session to unlock the full spectrum of possibilities within Vectra's API ecosystem.

4:30 pm - 4:45 pm
Day 1 Closing
Speaker: Oliver Tavakoli, CTO of Vectra AI

6:00 pm - 9:00 pm
Welcome Reception at NASCAR Hall of Fame

Join us on night 1 of Hunt Club 2024 at a buy-out of the NASCAR Hall of Fame filled with interactive exhibits, racing simulators, and the “Pit Crew” challenge to make it a night to remember.

8:00 am - 9:00 am
Breakfast

9:15 am - 10:00 am
Bending the Arc of Cybersecurity Towards Defenders
Speaker: Oliver Tavakoli, CTO of Vectra AI

We live in a complex world that continues to become more complex. The complexity is driven by the twin pillars of businesses wanting to be ever more agile and providers of software to enable this agility moving ever faster to roll out new services. And complexity is the enemy of security – while simultaneously presenting new opportunities to attackers.

In this session we will map out the challenges these dual trends present and describe what we think it will take to prevent relatively minor incursions from turning into notable breaches. How do we partner up to assemble stable defensive capabilities in a complex and rapidly evolving world?

10:00 am - 10:45 am
Innovation at the Intersection: Attacking Complexity in Hybrid Environments
Speaker: Nathan Einwechter, Sr. Director, Security Research

If the technical infrastructure we build our businesses on today isn’t complex enough, the seemingly endless ways we can interconnect and mix-and-match these environments increases this complexity by orders of magnitude. The result is often ambiguity and confusion, particularly at the boundaries of these systems. It’s amongst this chaos that attackers thrive.

In this session, we will revisit the journey we have taken as a Security Research team since first delving into cloud, presenting some key insights into the underlying structure of the problem along the way.  Building from this foundation, we will present an attacker’s perspective on current and future attack innovation and ultimately the implications of this new reality for defenders.

10:45 am - 11:00 am
Break

11:00 am - 11:45 am
Customer Session - Fireside Chat w/ Under Armour
Speakers: Oliver Tavakoli, CTO of Vectra AI & Alex Attumalil, Under Armour

11:45 pm - 12:30 pm
Lunch

12:30 pm - 1:15 pm
Birds of a Feather
Speaker: Multiple

Join your peers for a small focus group where you can connect with other Vectra users using the same security stack and integrations, and discuss best practices and solutions.

1:15 pm - 2:00 pm
Track A: Dissecting the Midnight Blizzard Attack on Microsoft: A Cybersecurity Deep Dive
Speaker: Fabien Guillot, Director, Technical Marketing

Dive into the intricacies of Midnight Blizzard's recent breach of Microsoft in this engaging session. We'll explore the tactics and techniques used by this sophisticated hacking group, providing insights into the vulnerabilities exploited and the methodology behind the attack. Through live demonstrations, attendees will witness firsthand the execution of the breach in a controlled environment, offering a unique, practical understanding of the cyber threat landscape.

The session will also cover the immediate aftermath and response strategies, highlighting Vectra's capabilities to identify such threats. Attendees will leave equipped with knowledge on enhancing their cybersecurity defenses and understanding the critical lessons learned from the breach.

This concise presentation is perfect for anyone looking to grasp the complexities of modern cyber attacks in a Microsoft 365 environment and the defensive strategies needed to combat such sophisticated threats.

2:00 pm - 2:45 pm
Track A: Analyst Workshop: Incident Handling with XDR
Speaker: Wim Vandebroek

This workshop focuses on bringing network, endpoint, and firewall data and technologies together to perform XDR investigation and containment.  It will begin with the all too common scenario of a compromised, EDR-bypassed asset and walk through identification of this situation in network telemetry, before completing the story with endpoint telemetry.  Finally, audience members will see practical steps to broaden the investigation and steps necessary to contain the threat this represents.

1:15 pm - 2:00 pm
Track B: Deployment & Management (Network and Virtual)
Speaker: Justin Howe, Sr. Manager Consulting Engineering

This breakout session gives you direct access to Vectra AI's Professional Services team where they'll share the methodology and practices that they use daily to maximize on-premises and virtual platform performance, ranging from deployment, configuration, and ongoing management and operation from both the system administration and security analyst perspectives.

Note: This breakout session dives into network and virtual specific architecture and considerations while sharing much of the same overlapping material presented in the similar Deployment & Management (Cloud) session.

2:00 pm - 2:45 pm
Track B: Deployment & Management (Cloud)
Speaker: Justin Howe, Sr. Manager Consulting Engineering

This breakout session gives you direct access to Vectra AI's Professional Services team where they'll share the methodology and practices that they use daily to maximize Vectra's cloud platform performance, ranging from deployment, configuration, and ongoing management and operation from both the system administration and security analyst perspectives.

Note: This breakout session dives into cloud-specific architecture and considerations while sharing much of the same overlapping material presented in the similar Deployment & Management (Network and Virtual) session.

2:45 pm - 3:00 pm
Break

3:00 pm - 4:00 pm
Track A: Harnessing the Power of Generative AI and Large Language Models (LLMs) in Cybersecurity
Speaker: Sohrob Kazerounian, Distinguished AI Researcher

The past year has seen an explosion of interest in generative AI (GenAI), with Large Language Models (LLMs) like ChatGPT pushing the boundaries of what AI systems are capable of. As a result, it has become difficult to distinguish between corporate hype and practical realities of what these systems can do, and how they should be used.

To help cut through some of this hype, we will provide a brief history of Large Language Models, provide insights into how these models work (and don’t work!), and discuss how they can improve the speed and efficacy of SOC teams. More specifically, by providing a lens through which to view the inner workings of an LLM, we can clarify why LLMs are good at a wide variety of tasks, why they can hallucinate completely incorrect answers, and how they can access new data and external tools. We will then discuss and preview how LLMs are being integrated into the Vectra platform, in order to help amplify attack signal while attenuating noise.

3:00 pm - 4:00 pm
Track B: Customer Inquiry: Depth, Breadth & Integrations
Speaker: Padraig Mannion, Director UX

Interactive UX design sessions are consistently ranked among our attendees’ favorites, and we expect that trend to continue this year. This session will focus on operationalizing security technology and its integration ecosystems, so bring your design instincts and join our senior UX leadership team for a live session where your input will directly influence the design direction of our platform!

4:00 pm - 4:45 pm
Tales from the Trenches, Part 1
Speaker: Jonathan Barrett, MXDR

Another holiday weekend, another cyber attack. Vectra MDR is responsible for the security of many of Vectra’s customers across the globe, both big and small. No two environments are the same but the challenges faced affect all of us. We will discuss some of what we have seen from the past year and discuss lessons learned.

4:45 pm - 5:00 pm
Day 2 Closing
Speaker: Oliver Tavakoli, CTO of Vectra AI

5:00 pm - 6:00 pm
Office Hours

6:30 pm - 9:00 pm
Game Night at Queen Park Social

8:00 am - 9:00 am
Breakfast

9:00 am - 9:15 am
Day 3 Opening
Speaker: Oliver Tavakoli, CTO of Vectra AI

9:15 am - 10:00 am
Adversary Tradecraft: A Year in Review
Speaker: John Mancini

Understanding adversary tradecraft is paramount for defenders. This talk delves into analysis of adversary tactics over the past year. By examining the latest trends and tactics employed by threat actors, attendees will gain crucial insights into the evolving threat landscape and things to consider in the year ahead.

10:00 am - 10:45 am
Harnessing AI to build the next generation XDR platform
Speaker: Himanshu Mhatre, Distinguished Data Scientist

Today's security environment suffers from a proliferation of signal alongside a rapid expansion of the threat landscape, making it increasingly difficult for security operations to keep up with distilling threats from the signal and responding in a timely manner. We will discuss Vectra's investment in the AI capabilities of our XDR platform that enable SOC teams to stay on top of threats in their environment. In particular, we will highlight how AI enables Vectra's XDR platform to select, organize, assess and prioritize signal for multiple data sources into a singular workflow ranked by urgency.

10:45 am - 11:00 am
Break

11:00 am - 11:45 am
Customer Session - Fireside Chat w/ Jackson Health Systems
Speakers: Hitesh Sheth, CEO of Vectra AI & Connie Barrera, Jackson Health Systems

11:45 pm - 12:30 pm
Lunch

12:30 pm - 1:15 pm
Birds of a Feather
Speaker: Multiple

Join your peers for a small focus group where you can connect with other Vectra users using the same security stack and integrations, and discuss best practices and solutions.

1:15 pm - 2:00 pm
A Defender’s Attack Toolkit
Speaker: Arpan Sarkar, Sr. Technical Marketing Engineer

Uncover the tactics adversaries are using to compromise organizations by exploiting identity and abusing native capabilities in cloud. Turn the tables on attackers by leveraging their own game against them. Explore how Vectra AI is democratizing attacker TTPs by making security testing simple, fast & effective. Dive into the MAAD-Attack Framework, coupled with other latest advancements in security testing. Empower your security teams with tools & actionable insights to immediately enhance Detection & Response capabilities, fortifying your defenses against evolving threats in your environment.

1:15 pm - 2:00 pm
Track B: Elevating Cybersecurity: Mastering Vectra Integration into SOAR
Speaker: Dale O'Grady

This session will focus on common SOAR automation and orchestration use cases that will allow audience members to maximize value through extensive integrations into their ecosystem.  And while each use case may focus on a specific illustrative technology vendor, the broader patterns are applicable across equivalent technologies.

By the end of this workshop, attendees will have the knowledge necessary to automate and orchestrate key playbooks that will accelerate or improve security operations.

2:00 pm - 2:45 pm
Track A: Pulling Back the Curtain: How Vectra Investigates Attacks and Builds Detections
Speaker: Dmitriy Beryoza, Sr. Security Researcher

It may surprise you how much research work goes into building detection functionality in the cloud -- it isn't anywhere close to as simple as writing a query against cloud logs. There are many questions to answer: what does the attack look like? How do you tell the difference between unusual and malicious behavior? How do you cast a wide enough net and keep the alert volumes down? How do you work around the multitude of issues plaguing log data?

This presentation will examine how the Vectra Security Research team does its job. We will describe how we study malicious behavior and develop ideas for detections, how we overcome many issues related to log ingestion and interpretation, and talk about the numerous methods and techniques that go into building a robust detection.

2:00 pm - 2:45 pm
Track B: Maximizing Security: Integrating Vectra Signals into Microsoft Azure Sentinel
Speaker: Dale O'Grady

In this concise and informative session, we will focus on the integration of Vectra signals into Microsoft Azure Sentinel Security Information and Event Management system. During this session you will gain valuable insights into architecture, best practices, recommended workflows and troubleshooting to ensure you get the most out of your integration.

By the end of the workshop, participants will have acquired the knowledge needed to extract the maximum value from the Vectra-Microsoft Azure Sentinel integration. This session is a must for security professionals seeking to enhance their cybersecurity posture through informed decision-making and strategic integration practices.

2:45 pm - 3:00 pm
Break

3:00 pm - 4:00 pm
Track A: Workshop: Threat Hunting with Network Metadata
Speaker: Cyrille Franchet, Security Engineering

Embark on a journey into the world of threat hunting with this focused session, designed to equip you with the skills to leverage network metadata effectively. Through practical examples and detailed walk-throughs, participants will learn how to identify and neutralize threats hidden within network traffic, enhancing their organization's security posture.

Featuring real-world scenarios and interactive examples, the session will guide participants through the steps of a successful threat hunt, from initial hypothesis creation to the application of advanced analytical techniques. By the end of the session, attendees will be equipped with the foundation in utilizing network metadata for proactive threat detection and response, ready to apply these skills in their daily cybersecurity efforts.

3:00 pm - 4:00 pm
Track B: Customer Inquiry: Stakeholders & Value
Speaker: Padraig Mannion, Director UX

Interactive UX design sessions are consistently ranked among our attendees’ favorites, and we expect that trend to continue this year. This session will focus on measuring value from technology investments, so bring your design instincts and join our senior UX leadership team for a live session where your input will directly influence the design direction of our platform!

3:45 pm - 4:30 pm
Tales from the Trenches, Part 2
Speaker: Tim Wade, Deputy CTO

Panel Participants:

  • John Wilson, Omaha Steaks
  • Tony Martinez, Vectra MXDR
  • Mirabel Fuentes, Jackson Health
  • Eric Martin, Vectra MXDR

Panel Description:  The panel will conclude Day 3 of Hunt Club by refocusing on the human factors of cybersecurity from the perspective of the heroes that spend their lives in the trenches – the challenges and opportunities we face that aren’t strictly technical in nature.

4:45 pm - 5:00 pm
Day 3: Closing Statements
Speaker: Oliver Tavakoli, CTO of Vectra AI

6:00 pm - 9:00 pm
Tacos, Taps, and Tunes at Hoppin' CLT

Join us for dinner and drinks on the final night of Hunt Club 2024!

Questions?
Email us at huntclub@vectra.ai