Webinar “Detection Engineering and Proactive Threat Search”

On August 29, the USAID Project “Cybersecurity of Ukraine's Critical Infrastructure” held the final summer session in its series of webinars for university students on specializations and areas of cybersecurity. Although summer vacation was still under way, the webinar drew participants and viewers from 28 higher education institutions across Ukraine.

This is not surprising: the speaker was Volodymyr Garashchenko, CISO at SOC Prime, who has identified cyber threats in large companies and government institutions in Ukraine for over 20 years. He spoke about detection engineering and proactive threat hunting. At the start of the talk, Volodymyr reminded the audience what a SOC is, a topic covered in detail in the previous webinar, and explained the difference between detection engineering and threat hunting. He then covered the methods used to detect threats, how to determine why an attack is carried out (tactics) and how it is carried out (techniques), and how to use that knowledge to quickly set up a system that detects such threats in the future.

Volodymyr paid special attention to Sigma rules, a universal language for finding cyber threats, which he actively uses. The speaker has extensive and interesting experience in cybersecurity, so his advice to future professionals was especially valuable: the knowledge and skills needed to succeed in the field, the certifications worth pursuing to build a career in the industry, and useful resources that help professionals keep their knowledge current. No less interesting than the presentation were the questions from the webinar participants, which covered both getting a first job and highly specialized subtopics in cyber threat hunting.