Threat Hunting: Data Collection and Analysis
Threat hunting requires proactively looking within the network and searching for anomalies that might indicate a breach. The vast amount of data that needs...
Threat hunting
Threat Hunting: Detecting Adversaries
Threat hunting requires that the hunter understand the mind of the adversary and seek to take out attacks before the hunters can themselves be detected. So...
Threat Hunting: Detecting Threats
There has been a recent colossal surge in targeted attacks, including complex penetration techniques, compromise of users’ credentials, fileless malware,...
10 Tips for Effective Threat Hunting
Cyber-attacks are increasing in number every day, as well as in their frequency and sophistication; worse, they often circumvent organizations’ existing protective...
How to Conduct a Threat Hunt – 10 Steps
An overwhelming increase in sophisticated and targeted attacks from threat actors, or even nation-states such as Iran, China and Russia, have made threat-hunting...
Threat hunting maturity model
Before moving forward in describing the threat hunting maturity model, we need to understand what threat hunting is. Threat hunting is the act of proactively...
Best Practices for Threat Hunting in Large Networks
When we think of modern threat hunting, we think about proactively looking for exceptional situations across the network. Rather than waiting for an incident...
VERIS INCIDENT FRAMEWORK
The VERIS methodology was created by Verizon back in 2010. This was an effort to create an environment for the classification of specific information.
The VERIS...
Threat Hunting for Mismatched Port – Application Traffic
Indicators of compromise or IOCs are evidence indicating a breach of security. IOC includes virus signature, IP address, Hash value of Malware, Malicious...
Threat Hunting for Unexpectedly Patched Systems
Threat hunting is the proactive approach to find anomalies related to threats that could cause potential harm to an organization. These could be the signs of...