Threat Hunting Summit Keynote: Is It Time to Embrace Automated Threat Hunting?
With David Bianco
June 17 @ 10:00 am – 10:50 am ET
For over a decade, the security community has defined threat hunting as a human‑driven process. We believed that while machines could detect, only humans could hunt. As the architect of the Sqrrl Hunting Loop and lead author of the PEAK Threat Hunting Framework, David Bianco helped promote this view.
But, David says, we’ve got a real problem today: AI‑driven attacks are transitioning from a possibility to a likelihood, shortening attack lifecycles from days and hours to minutes and seconds. The human is starting to look like an unnecessary bottleneck. We need machine speed and scale to stay competitive.
In security, however, the adversary always cheats, and even our most capable frontier models still have trouble with that. AI is fundamentally gullible, and it’s still so new to us that we discover ways to subvert it practically every week.
And there’s the paradox: defenders need AI to stay in the game, but our models aren’t trustworthy enough to rely on. We need their speed, their scale, and even their judgment, yet we know we can’t trust them to deliver reliable results by themselves.
Our conflicting need for both AI autonomy and human accountability deserves serious thought. Join David as he invites us to re‑examine the role of the human in threat hunting.
Is it time to let the machines drive?
Chat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon
This talk is part of the Antisyphon Training Threat Hunting Summit, a free, six-hour, live virtual event designed to give you a practical, real-world look at how cyber threat hunters detect stealthy adversaries, investigate suspicious behavior, and turn discoveries into stronger defenses.
For those who want to go further, multiple hands-on, high-quality, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive, effective defender.
See the entire Antisyphon Training Course Catalog for affordable cybersecurity training!
About the Instructor
David Bianco
Bio
David is a cybersecurity researcher with Cisco’s SURGe team, where he studies practical and effective uses of AI for defensive security operations. He is also a SANS Certified Instructor, where he teaches network forensics. David has nearly 30 years of experience in the information security field, primarily in incident detection and response, threat hunting, and Cyber Threat Intelligence (CTI). He is the creator of the Pyramid of Pain and lead author of the PEAK threat hunting framework. Really, he just wants to make security better for everyone. You can follow David on Bluesky as @DavidJBianco.bsky.social or on Mastodon as @[email protected].
