Privacy & Cybersecurity Threat Hunters Secure both Shield Trophy and Bragging Rights

A team of Cybersecurity Operations Center (CSOC) and Security Engineering staff from Technology Services was the superior force in the inaugural Threat Hunting Competition between UIUC and the University of Michigan. CrowdStrike set up the June 16 invitational, in which each team used CrowdStrike Falcon software to identify and explain the causes of a mock malware attack.

“The example scenario included an incident that the CrowdStrike sensor did not catch, and they wanted the teams to find out what had happened,” explained team member Mark Wenneborg, Senior Cybersecurity Engineer.

Each team member brought their expertise to the situation in order to answer five increasingly complicated questions. “There was a dynamic back and forth working together to find the solution,” Wenneborg said.

Mark Wenneborg, Bob Heren, Carl Stephens, Prabha Manda, Andrew Petsche, and Jon Karagiannakis, all members of the privacy and security team at Tech Services, answered each question correctly. According to CrowdStrike, they also answered more completely than Michigan, leading to the UIUC win.

The team was constrained to using CrowdStrike within the scenario, with none of the other tools that CSOC has at its disposal. Wenneborg said it is a little different than what might occur in a real attack. “The sample scenario all happened in a single process tree in a short time span. An attacker might act differently and make it harder.”

Joe Barnes, Chief Privacy and Security Officer, noted, “Naturally, we beat the Wolverines. If you get a chance, congratulate the team.”