Threat Hunting Summit Talk: Fast-track Reports into Ready-Made Hypotheses with AI

With Lauren Proehl

What if every intelligence report instantly became a ready‑to‑run hypothesis — instead of dying in a Slack channel?

In this talk, Lauren Proehl, Global Head of Detection and Response at Marsh and co‑founder of THOR Collective, walks through a practical, repeatable workflow for using large language models to convert published threat reports into structured, testable hunt hypotheses.

She’ll break down how to extract attacker tradecraft, map TTPs, scope data sources, and generate analytic logic hunters can run immediately. Real examples will help you explore how crafted prompts can surface detection gaps, enrich investigations, and produce hypotheses that go far beyond IOC matching.

Examine how AI‑assisted workflows are reshaping the future of threat hunting and leave with a method you can put to work, whether you’re a solo hunter or running a mature program.

Chat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon

---

 This talk is part of the Antisyphon Training Threat Hunting Summit, a free, six-hour, live virtual event designed to give you a practical, real-world look at how cyber threat hunters detect stealthy adversaries, investigate suspicious behavior, and turn discoveries into stronger defenses.

For those who want to go further, multiple hands-on, high-quality, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive, effective defender.

See the entire Antisyphon Training Course Catalog for affordable cybersecurity training! 

---