pts2024

Quentin JEROME

After having spent almost a decade working as an incident responder for a big European institution, I recently joined CIRCL as a developer. My development projects focus on endpoint monitoring and threat detection, mostly to provide open-source alternatives to paid solutions.

Topics of interest: programming, detection engineering, threat-hunting, bug hunting (when I have time)

Sessions

07-04
09:10
20min
Kunai Updates
Quentin JEROME

In this talk, we'll delve into the evolution and foundational principles of Kunai, a specialized threat detection and hunting tool crafted for Linux environments. We'll revisit its core objectives while unveiling its latest features, including its integration with MISP and its detection rules engine, demonstrating how Kunai enhances daily Linux machine monitoring. Through practical demonstrations and real-world examples, attendees will learn how to leverage Kunai's capabilities to reinforce the security of Linux infrastructures against ever-evolving cyber threats.

Host Protection
Amphitheater
07-05
09:00
180min
Hands-On Workshop: Exploring Kunai's Latest Features for Linux Threat Detection
Quentin JEROME

Join us for an immersive hands-on workshop where we'll delve into Kunai, a specialized threat detection and hunting tool tailored for Linux environments. Participants will explore its evolution, core principles, and latest features, including integration with MISP and its detection rules engine, through practical, real-world use cases. With guided exercises, attendees will learn to leverage Kunai for enhancing their Linux machines' visibility, empowering them to identify and mitigate threats effectively.

Host Protection
Workshop room 2