Lisbon
Lisbon, PRT - Corinthia Hotel
March 25, 2024
Register now
About the Event

We're extremely excited to host Hunt Club in a city that is filled with stunning architecture, beautiful views and fascinating history.

Dates

Hunt Club Lisbon dates are March 25, 2024 - March 28, 2024. Sessions and events will be hosted on March 25, March 26 and March 27.

Venue

Hunt Club Lisbon will be hosted at the Corinthia property in the uptown district. Please see below for the venue address:

Corinthia Hotel
Av. Columbano Bordalo Pinheiro 105
1099-031 Lisboa, Portugal

Training Day Sessions

We have a jam-packed agenda lined up! Hunt Club will kick-off with our new hands-on training and will end with dinner at Envy Restaurant, situated in a beautiful setting overlooking the river Tagus

Day 1 of sessions is filled with keynotes from the Vectra AI team and collaborative conversations with your peers. The evening will end with a stunning sunset river boat cruise, where you'll have the opportunity to network with peers over a cocktail dinner.

Day 2 of sessions and our final day will continue with closing keynotes, technical sessions and will conclude with a Tuk-tuk tour around Lisbon city centre, including food and wine tasting stop offs.

Our agenda

12pm – 1:00pm
Welcome Lunch
12:00 pm - 1:00 pm
Join us for a welcome lunch before we kick off Hunt Club 2024 with out dedicated training day!
1:00 pm
-
1:15 pm
Hunt Club Kick-off
1:00 pm
-
1:15 pm
Speaker:
Hitesh Sheth
,
Executive Leadership
&

Please join our CEO, Hitesh Sheth, for our event kick-off!

1:15 pm
-
1:30 pm
Training Day Introduction
1:15 pm
-
1:30 pm
Speaker:
Oliver Tavakoli
,
Executive Leadership
&

Before heading into your training sessions, get a quick overview of our foundational and advanced tracks so that you know which breakout to join!

1:30 pm
-
3:00 pm
Training Day Fundamental Track: Mastering Cybersecurity Investigations: A Deep Dive into Advanced Threats with Vectra AI
1:30 pm
-
3:00 pm
Speaker:
Alex Groyz
,
Security & Engineering
&
Arpan Sarkar

Immerse yourself in a comprehensive workshop that guides you through an end-to-end investigation utilizing the Vectra AI platform. This hands-on experience will equip you with the skills to dissect a realistic advanced attack spanning network, cloud, and SaaS environments. Throughout the session, you'll familiarize yourself with key platform features crucial for understanding the attack's scope, discerning adversary motives, and mastering techniques to effectively thwart their actions. Join us in this immersive exploration, where you'll gain valuable insights and practical knowledge for navigating the complexities of cybersecurity investigations.

3:00 pm
-
4:30 pm
Training Day Fundamental Track: Securing Your Hybrid Networks with Vectra AI’s MDR Team
3:00 pm
-
4:30 pm
Speaker:
Tony Martinez
,
Security & Engineering
&

Attackers are taking advantage of hybrid environments, and we know how to stop them. In this session, Vectra MDR analysts will walk-through a scenario starting with a phish and demonstrating how it can quickly spread to hybrid networks. The audience will learn how to identify the attacker activity leveraging Vectra products and why visibility into hybrid environments is critical. The session will also demonstrate how to triage and response to malicious activity in hybrid environments.

1:30 pm
-
3:00 pm
Training Day Advanced Track: What’s Lurking in Your Network Metadata? Go Hunting!
1:30 pm
-
3:00 pm
Speaker:
Cyrille Franchet
,
Security & Engineering
&
Fabien Guillot

Unlock the secrets hidden within your network with this training session. Dive into the invaluable realm of Vectra Metadata and discover the untapped potential it holds for threat hunting. This session goes beyond mere detections, empowering participants to comprehend the intrinsic value of network metadata. Learn the art of advanced hunting use cases, equipping yourself to proactively seek out both known and unknown threats. Join us for an immersive experience that unveils the power of leveraging network metadata to stay one step ahead in the ever-evolving landscape of cybersecurity.

3:00 pm
-
4:30 pm
Training Day Advanced Track: GET vectra/api/epic_stuff
3:00 pm
-
4:30 pm
Speaker:
Dale O'Grady
,
&
Fabien Guillot

Embark on a transformative journey into Vectra's API realm and elevate your proficiency to new heights! This interactive session is designed to empower you with hands-on experience, guiding you through the intricacies of utilizing Vectra's API and seamlessly interfacing with the platform programmatically. Beginning with foundational concepts, we will swiftly progress to explore advanced, real-world use cases that are bound to ignite your creative potential. Join us in this immersive session to unlock the full spectrum of possibilities within Vectra's API ecosystem.

4:30 pm
-
4:45 pm
Day 1 Closing
4:30 pm
-
4:45 pm
Speaker:
Oliver Tavakoli
,
Executive Leadership
&
6:30 pm
-
9:30 pm
Dinner at Envy Restaurant
6:30 pm
-
9:30 pm
Speaker:
,
&

Join us for dinner on the first night of Hunt Club at Envy Restaurant where you'll get a chance to debrief training day with your peers and experience Lisbon nightlife.

8am – 9am
Breakfast
08:00 AM - 9:00 AM
9:15 am
-
10:00 am
Bending the Arc of Cybersecurity Towards Defenders
9:15 am
-
10:00 am
Speaker:
Oliver Tavakoli
,
Executive Leadership
&

We live in a complex world which is continues to become more complex. The complexity is driven by the twin pillars of businesses wanting to be ever more agile and providers of software to enable this agility moving ever faster to roll out new services. And complexity is the enemy of security – while simultaneously presenting new opportunities to attackers.

In this session we will map out the challenges these dual trends present and describe what we think it will take to prevent relatively minor incursions from turning into notable breaches. How do we partner up to assemble stable defensive capabilities in a complex and rapidly evolving world?

10:00 am
-
10:45 am
Innovation at the Intersection: Attacking Complexity in Hybrid Environments
10:00 am
-
10:45 am
Speaker:
Nathan Einwechter
,
Security & Engineering
&

If the technical infrastructure we build our businesses on today isn’t complex enough, the seemingly endless ways we can interconnect and mix-and-match these environments increases this complexity by orders of magnitude. The result is often ambiguity and confusion, particularly at the boundaries of these systems. It’s amongst this chaos that attackers thrive.

In this session, we will revisit the journey we have taken as a Security Research team since first delving into cloud, presenting some key insights into the underlying structure of the problem along the way.  Building from this foundation, we will present an attacker’s perspective on current and future attack innovation and ultimately the implications of this new reality for defenders.

10:45 am
-
11:00 am
Break
10:45 am
-
11:00 am
Speaker:
,
&
11:00 am
-
11:20 am
Customer Session - Fireside chat w/ TMO
11:00 am
-
11:20 am
Speaker:
Christian Borst
,
Executive Leadership
&
Abdulhalim Z. Barnawi, TMO
11:20 am
-
11:45 am
Customer Session - Fireside chat w/ Thyssenkrupp
11:20 am
-
11:45 am
Speaker:
Christian Borst
,
Executive Leadership
&
Nicola Bisi, Thyssenkrupp
11:45 pm
-
12:30 pm
Lunch
11:45 pm
-
12:30 pm
Speaker:
,
&
12:30 pm
-
1:15 pm
Birds of a Feather
12:30 pm
-
1:15 pm
Speaker:
Multiple
,
&

Join your peers for a small focus group where you can connect with other Vectra users using the same security stack, integrations and discuss best practices and solutions.

1:15 pm
-
2:00 pm
Track A: Dissecting the Midnight Blizzard Attack on Microsoft: A Cybersecurity Deep Dive
1:15 pm
-
2:00 pm
Speaker:
Fabien Guillot
,
Security & Engineering
&

Dive into the intricacies of the Midnight Blizzard's recent breach of Microsoft in this engaging session. We'll explore the tactics and techniques used by this sophisticated hacking group, providing insights into the vulnerabilities exploited and the methodology behind the attack. Through live demonstrations, attendees will witness firsthand the execution of the breach in a controlled environment, offering a unique, practical understanding of the cyber threat landscape.

The session will also cover the immediate aftermath and response strategies, highlighting Vectra's capabilities to identify such threats. Attendees will leave equipped with knowledge on enhancing their cybersecurity defenses and understanding the critical lessons learned from the breach.

This concise presentation is perfect for anyone looking to grasp the complexities of modern cyber attacks in a Microsoft 365 environment and the defensive strategies needed to combat such sophisticated threats.

2:00 pm
-
2:45 pm
Track A: Analyst Workshop: Incident Handling with XDR
2:00 pm
-
2:45 pm
Speaker:
Wim Vandebroek
,
&

This workshop focuses on bringing network, endpoint, and firewall data and technologies together to perform XDR investigation and containment.  It will begin with the all too common scenario of a compromised, EDR-bypassed asset and walk through identification of this situation in network telemetry, before completing the story with endpoint telemetry.  Finally, audience members will see practical steps to broaden the investigation and steps necessary to contain the threat this represents.

1:15 pm
-
2:00 pm
Track B: Deployment & Management (Network and Virtual)
1:15 pm
-
2:00 pm
Speaker:
Battista Cagnoni
,
&

This breakout session gives you direct access to Vectra AI's Professional Services team where they'll share the methodology and practices that they use daily to maximize on-premises and virtual platform performance, ranging from deployment, configuration, and ongoing management and operation from both the system administration and security analyst perspectives.

Note: This breakout session dives into network and virtual specific architecture and considerations while sharing much of the same overlapping material presented in the similar Deployment & Management (Cloud) session.

2:00 pm
-
2:45 pm
Track B: Deployment & Management (Cloud)
2:00 pm
-
2:45 pm
Speaker:
Battista Cagnoni
,
&

This breakout session gives you direct access to Vectra AI's Professional Services team where they'll share the methodology and practices that they use daily to maximize Vectra's cloud platform performance, ranging from deployment, configuration, and ongoing management and operation from both the system administration and security analyst perspectives. Note: This breakout session dives into cloud-specific architecture and considerations while sharing much of the same overlapping material presented in the similar Deployment & Management (Network and Virtual) session.

2:45 pm
-
3:00 pm
Break
2:45 pm
-
3:00 pm
Speaker:
,
&
3:00 pm
-
4:00 pm
Track A: Harnessing the Power of Generative AI and Large Language Models (LLMs) in Cybersecurity
3:00 pm
-
4:00 pm
Speaker:
Sohrob Kazerounian
,
AI & Machine Learning
&

The past year has seen an explosion of interest in generative AI (GenAI), with Large Language Models (LLMs) like ChatGPT pushing the boundaries of what AI systems are capable of. As a result, it has become difficult to distinguish between corporate hype and practical realities of what these systems can do, and how they should be used.

To help cut through some of this hype, we will provide a brief history of Large Language Models, provide insights into how these models work (and don’t work!), and discuss how they can improve the speed and efficacy of SOC teams. More specifically, by providing a lens through which to view the inner workings of an LLM, we can clarify why LLMs are good at a wide variety of tasks, why they can hallucinate completely incorrect answers, and how they can access new data and external tools. We will then discuss and preview how LLMs are being integrated into the Vectra platform, in order to help amplify attack signal while attenuating noise.

3:00 pm
-
4:00 pm
Track B: Customer Inquiry: Depth, Breath & Integrations
3:00 pm
-
4:00 pm
Speaker:
Padraig Mannion
,
Security & Engineering
&

Interactive UX design sessions are consistently ranked among our attendee’s favorite, and we expect that trend to continue this year.  This session will focus on operationalizing security technology and its integration ecosystems, so bring your design instincts and join our senior UX leadership team for a live session where your input will directly influence the design direction of our platform!

4:00 pm
-
4:45 pm
Tales from the Trenches, Part 1
4:00 pm
-
4:45 pm
Speaker:
Jonathan Barrett
,
Security & Engineering
&

Another holiday weekend, another cyber attack. Vectra MDR is responsible for the security of many of Vectra’s customers across the globe, both big and small. No two environments are the same but the challenges faced affect all of us. We will discuss some of what we have seen from the past year and discuss lessons learned.

4:45 pm
-
5:00 pm
Day 2 Closing
4:45 pm
-
5:00 pm
Speaker:
Oliver Tavakoli
,
Executive Leadership
&
5:00 pm
-
6:00 pm
Office Hours
5:00 pm
-
6:00 pm
Speaker:
,
&
6:00 pm
-
9:00 pm
Cocktail and Dinner Boat Cruise
6:00 pm
-
9:00 pm
Speaker:
,
&

We're beyond excited for this evening! Join us for a sunset cruise on the Tagus River where you'll get to mingle with peers, enjoy cocktails and dinner all while exploring the heart of Lisbon.

8am – 9am
Breakfast
08:00 AM - 9:00 AM
9:00 am
-
9:15 am
Day 3 Opening
9:00 am
-
9:15 am
Speaker:
Oliver Tavakoli
,
Executive Leadership
&
9:15 am
-
10:00 am
Adversary Tradecraft: A Year in Review
9:15 am
-
10:00 am
Speaker:
John Mancini
,
&

Understanding adversary tradecraft is paramount for defenders. This talk delves into analysis of adversary tactics over the past year. By examining the latest trends and tactics employed by threat actors, attendees will gain crucial insights into the evolving threat landscape and things to consider in the year ahead.

10:00 am
-
10:45 am
Harnessing AI to build the next generation XDR platform
10:00 am
-
10:45 am
Speaker:
Colin Jermain
,
&

Today's security environment suffers from a proliferation of signal alongside a rapid expansion of threat landscape, making it increasingly difficult for security operations to keep up with distilling threats from the signal and responding in a timely manner. We will discuss Vectra's investment in the AI capabilities of our XDR platform that enable SOC teams to stay on top of threats in their environment. In particular we will highlight how AI enables Vectra's XDR platform to select, organize, assess and prioritize signal for multiple data sources into a singular workflow ranked by urgency.

10:45 am
-
11:00 am
Break
10:45 am
-
11:00 am
Speaker:
,
&
11:00 am
-
11:45 am
Customer Session - Fireside chat w/ Richemont
11:00 am
-
11:45 am
Speaker:
Christian Borst
,
Executive Leadership
&
Andrea Matasci, Richemont
11:45 pm
-
12:30 pm
Lunch
11:45 pm
-
12:30 pm
Speaker:
,
&
12:30 pm
-
1:15 pm
Birds of a Feather
12:30 pm
-
1:15 pm
Speaker:
Multiple
,
&

Join your peers for a small focus group where you can connect with other Vectra users using the same security stack, integrations and discuss best practices and solutions.

1:15 pm
-
2:00 pm
Track A: MAAD-AF & Attacks in M365
1:15 pm
-
2:00 pm
Speaker:
Arpan Sarkar
,
Security & Engineering
&

Uncover the tactics adversaries are using to compromise organizations by exploiting identity and abusing native capabilities in Microsoft cloud. Turn the tables on attackers by leveraging their own game against them. Explore how Vectra AI is democratizing attacker TTPs by making security testing simple, fast & effective. Dive into the MAAD (M365 Azure AD) Attack Framework, coupled with other latest advancements in security testing. Empower your security teams with tools & actionable insights to immediately enhance Detection & Response capabilities, fortifying your defenses against evolving threats in Microsoft cloud.

1:15 pm
-
2:00 pm
Track B: Elevating Cybersecurity: Mastering Vectra Integration into SOAR
1:15 pm
-
2:00 pm
Speaker:
Fabien Guillot
,
Security & Engineering
&
Dale O'Grady

This session will focus on common SOAR automation and orchestration use cases that will allow audience members to maximize value through extensive integrations into their ecosystem.  And while each use case may focus on a specific illustrative technology vendor, the broader patterns are applicable across equivalent technologies.

By the end of this workshop, attendees will have the knowledge necessary to automate and orchestrate key playbooks that will accelerate or improve security operations.

2:00 pm
-
2:45 pm
Track A: Pulling Back the Curtain: How Vectra Investigates Attacks and Builds Detections
2:00 pm
-
2:45 pm
Speaker:
Dmitriy Beryoza
,
Security & Engineering
&

It may surprise you how much research work goes into building detection functionality in the cloud -- it isn't anywhere close to as simple as writing a query against cloud logs. There are many questions to answer: what does the attack look like? How do you tell between unusual and malicious behavior? How do you cast a wide enough net and keep the alert volumes down? How do you work around the multitude of issues plaguing log data?

This presentation will examine how the Vectra Security Research team does its job. We will describe how we study malicious behavior and develop ideas for detections, how we overcome many issues related to log ingestion and interpretation, and talk about the numerous methods and techniques that go into building a robust detection.

2:00 pm
-
2:45 pm
Track B: Maximizing Security: Integrating Vectra Signals into Microsoft Azure Sentinel
2:00 pm
-
2:45 pm
Speaker:
Fabien Guillot
,
Security & Engineering
&
Dale O'Grady

In this concise and informative session, we will focus on the integration of Vectra signals into Microsoft Azure Sentinel Security Information and Event Management system. During this session you will gain valuable insights into architecture, best practices, recommended workflows and troubleshooting to ensure you get the most out of your integration.

By the end of the workshop, participants will have acquired the knowledge needed to extract the maximum value from the Vectra-Microsoft Azure Sentinel integration. This session is a must for security professionals seeking to enhance their cybersecurity posture through informed decision-making and strategic integration practices.

2:45 pm
-
3:00 pm
Break
2:45 pm
-
3:00 pm
Speaker:
,
&
3:00 pm
-
4:00 pm
Track A: Customer Session ft. KMPG
3:00 pm
-
4:00 pm
Speaker:
KPMG
,
&
3:00 pm
-
4:00 pm
Track B: Customer Inquiry: Stakeholders & Value
3:00 pm
-
4:00 pm
Speaker:
Padraig Mannion
,
Security & Engineering
&

Interactive UX design sessions are consistently ranked among our attendee’s favorite, and we expect that trend to continue this year. This session will focus on measuring value from technology investments, so bring your design instincts and join our senior UX leadership team for a live session where your input will directly influence the design direction of our platform!

4:00 pm
-
4:45 pm
Tales from the Trenches, Part 2
4:00 pm
-
4:45 pm
Speaker:
Niall Errity
,
&

The ever-evolving SOC requires maintenance and periods of review. In this session we will dive into what it takes to mature capabilities and evolve in a landscape that is continually changing. We will focus on the people and the process that keeps an operation running, then we will pivot to how we retain great talent.

4:30 pm
-
4:45 pm
Event Closing
4:30 pm
-
4:45 pm
Speaker:
Oliver Tavakoli
,
Executive Leadership
&
6:00 pm
-
8:00 pm
TukTuk Tour
6:00 pm
-
8:00 pm
Speaker:
,
&

Join us for our final evening at Hunt Club through a TukTuk tour through Lisbon. There's no better way to see the city!

We’re proud to welcome our sponsors

Platinum
Gold
Gold
Gold
Gold
Silver
Interested in becoming a sponsor? Please email huntclub@vectra.ai for more information.

Ready to join the Hunt Club in Lisbon?