Cyberspace Vigilante or Security Sleuth: Understanding Who Threat Hunters Are (EnCyCriS 2025)

Who

Samantha Hill, Alessandra Maciel Paz Milani, Callum Curtis, Arty Starr, Enrique Larios Vargas, Marcus Dunn, Margaret-Anne Storey

Track

EnCyCriS 2025 Cybersecurity of Critical Systems

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Sat 3 May 2025 11:00 - 11:20 at 206 - Paper session 1 - continued Chair(s): Ita Ryan

Abstract

Threat hunters play a critical role in organizational security, yet the human factors of their work and the challenges they face are often overlooked. Through interviews with 20 threat hunters, we aimed to better understand the role by investigating their personal characteristics, workflows, tools, and challenges. Our analysis of the findings resulted in the identification of 17 key dimensions of threat hunters characteristics and work practices, which informed the creation of four personas that represent the complexity of this critical role. By humanizing threat hunters, we lay the groundwork for user-centered tools that enhance their well-being and strengthen organizational security.

Samantha Hill

University of Victoria

Alessandra Maciel Paz Milani

University of Victoria

Callum Curtis

University of Victoria

Arty Starr

University of Victoria

Enrique Larios Vargas

University of Victoria

Canada

Marcus Dunn

University of Victoria

Canada

Margaret-Anne Storey

University of Victoria

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Sat 3 May
Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30	Paper session 1 - continuedEnCyCriS at 206 Chair(s): Ita Ryan University College Cork

11:00 20m Paper		Cyberspace Vigilante or Security Sleuth: Understanding Who Threat Hunters Are EnCyCriS Samantha Hill University of Victoria, Alessandra Maciel Paz Milani University of Victoria, Callum Curtis University of Victoria, Arty Starr University of Victoria, Enrique Larios Vargas University of Victoria, Marcus Dunn University of Victoria, Margaret-Anne Storey University of Victoria
11:20 20m Paper		Enhanced Detection of Code Vulnerability with Synergy between Data-Driven, Rule-Based and Unsupervised Learnings EnCyCriS Hibah Mohammed Ghouse Hubspot, Samiha Shimmi Northern Illinois University, Mona Rahimi Northern Illinois University
11:40 20m Paper		Evaluating the Integration of Aurora zkSNARK in the Zupply Framework EnCyCriS Mohammadtaghi Badakhshan University of Waterloo, Guang Gong University of Waterloo
12:00 30m Panel		Panel based discussions and open questions - morning session EnCyCriS