GCSEC organizes in collaboration with Kaspersky Lab an operative workshop on cyber threat hunting and APT analysis techniques. At the workshop, will participate experts from SOC and CERT's of the mail Italian companies. The workshop is held today 30 October at the Hotel Radisson Blue ES in Rome. Experts of the Global Research and Analysis Team (GreAT) of Kaspersky Lab will presents research techniques of GReAT and CERT’s Incident Response introducing the Yara tool and providing a mini training on its implementation. Threat hunting and Incident Response are very important processes. Threat hunting allows companies to identify Advanced and Persistent Threats (APTs) within systems that preventive and automated identification checks may not be able to detect. Incident Response is the process that follows a possible security incident. In the event of an attack, it covers the entire cycle of investigation into incidents to limit the resulting damage and prevent its spread by completely eliminating the threat. It also includes the acquisition of digital evidence, to have a global view of the incident, and the technical characterization of malicious tool to extrapolate technical and behavioral indicators and ensure a more complete management of events.