Sergio Albea
Threat Hunter & Researcher | User Behavior Analyst | Cyber Defense Enthusiast
Biography
My name is Sergio Albea and I'm originally from a tiny town called Valls, Spain, known for building the best human castles (called castells). About 15 years ago, I moved to Barcelona, where I had an amazing time both personally and professionally. Six years ago, I landed in Switzerland, where I am currently working as a CSOC Security Expert, focused on threat analysis at SWITCH (Swiss NREN). With over 20 years of experience, I have immersed myself in the dynamic field of security, focusing on diverse IT landscapes and ensuring robust protection against threats and vulnerabilities. My approach is divided into proactivity, advanced analytics and architectural design to preemptively mitigate risks and fortify defenses against potential breaches. Throughout my career, I have had to secure and manage a myriad of IT environments such as messaging platforms, IAM systems, Information Protection mechanisms, DevOps, and Azure resources such as databases, networking, storage, scripting, and others.
High-Impact Contributions
This is a practical Threat Hunting workshop where we’ll dive into real-world threat scenarios based on multiple cases observed during 2025. Don’t worry if you’re not familiar with this topic: this workshop is designed for all skill levels, oriented to Threat Hunting, and we’ll start with a clear and simple introduction to basic detections so you can get comfortable before jumping into the action.

What to Expect? Learn how to hunt for threats across different scenarios such as:
- Network-based threats
- Identity-based anomalies
- Host-based suspicious behavior
- Apply Threat Intelligence on Threat Hunting
- Explore how to turn raw data into real detections
- Discover how to build your own hunting queries and detection rules

Bring Your Laptop! You’ll need your computer: in the second part of the session, we’ll break into groups to solve real-world threat hunting cases using the tools and queries we explored during the presentation.
In today’s digital landscape, relying solely on cloud providers for security can leave organizations vulnerable. This presentation aims to equip attendees with practical knowledge and strategies to enhance their threat response capabilities independently, especially when security relies on user behavior, by addressing critical areas including:
- Identifying and mitigating threats where cloud providers cannot assist
- Implementing robust in-house security measures and protocols with tools such as Microsoft Defender XDR

We will also examine:
- Case studies on successful threat responses where security relied on user behavior
- Strategies to respond to user misconfigurations or bypassing of security baselines
SCKIPT is an initiative created by Sergio Albea, focused on detecting user behaviours that can put the security of our systems at risk. Nowadays, there are multiple scenarios where security relies on how users interact with the systems they manage. SCKIPT is oriented to list and provide possible measures to respond to these threats in scenarios where most of the possible user activities are not blocked or limited. This model does not take the perspective of possible attacks by bad actors (for which there are multiple initiatives and models); it focuses on threats arising from possible actions by our users. Security awareness is a mandatory requirement to decrease the threats related to user behaviours, but it will never remove the risk.