We face a plethora of options for detecting advanced attacks from anomaly detection to pattern recognition to crowdsourcing of signatures. But what works? Participants will have the opportunity to talk about their experiences with detection products, hunting techniques, SIEM correlation rules, threat feeds and other methods. This session will seek to break through the spin and identify solutions.