Threat hunting

Deception technologies have come a long way from the days when honeypots were used to analyze attacker behavior. Today’s deception tools contain advanced...

In this article, we’ll discuss how we can use Kolide Fleet for threat-hunting purposes. This article is not intended to be an introductory piece, but rather...

In this article, we take a look at osquery and how it can be used to query the security, reliability and compliance information of systems within your network...

In this article, we’ll discuss mock intrusion attempts on our systems and show you how to make use of Cymon API to query important information that you can...

The SaltStack platform is an open-source and Python-based configuration management software. Using Salt, developers and system administrators can better manage...

Graylog is a leading centralized log management solution which allows security teams to log, store and analyze huge amounts of data. One area where Graylog...

The majority of a threat hunter’s role is looking for the “needle in the haystack” by using a variety of different tools and techniques to look for threats...

Many organizations only perform reactive threat-hunting, searching for threats once it’s obvious that their environment has been compromised. A mature threat-hunting...

Threat hunting is an alternative approach to dealing with cyber-attacks, compared to network security systems that include appliances such as firewalls that...

Threat hunting requires proactively looking within the network and searching for anomalies that might indicate a breach. The vast amount of data that needs...