“that slips past existing automated security controls and detection systems. What is the difference between SOC and threat hunting? The security operations center (SOC) is the central, general-purpose team responsible for monitoring, detecting, analyzing, and responding to kno…”
“deep investigations to analyze the gathered data, using analytics and potentially machine learning tools for pattern recognition and anomaly detection. - Resolution: finally, once the hunter finds proof, it's time to act — patch vulnerabilities, update security policies, and r…”
“think like the attacker." Adopt an “assume breach” mindset. - Develop diverse skills: a successful hunter needs a mix of skills: data analysis, network forensics, malware analysis, and often scripting/coding (Python, PowerShell) to automate repetitive tasks and create cu…”
“-driven, knowledge-driven, and hybrid hunts. 1. Intelligence-driven hunts: intelligence hunting is a structured hunt that involves collecting and analyzing intelligence from various sources to execute the hunt mission. Intel can consist of file names, hashes, IPs, campaigns, …”
Summary
What is cyber threat hunting, and what do threat hunters do? In this blog, we define what threat hunting actually is and the strategy and skill behind it.