TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Huntress

Managed SIEM and the Art of Perfecting Cyber Defense | Huntress

2024-12-05

ATT&CK techniques detected

5 predictions
T1021.002 SMB/Windows Admin Shares · 77%
“level of remediation following a security event is only possible through the use of Managed SIEM. Individual layers of the environment can be examined for IOCs holistically, giving the Huntress SOC a clearer strategy of defense toward partner environments in response to security …”

T1087 Account Discovery · 72%
“analysts jumped into action with some quick forensic analysis and pinpointed the machine the threat actor had used to breach the network. Turning to Managed SIEM, a quick search was run for the compromised machine name and uncovered a list of user accounts that the attacker had t…”

T1078.001 Default Accounts · 58%
“’s current and historic configuration to accurately conclude that the machine was unintentionally exposing port 445 (SMB) and port 3389 (RDP) to the public internet, resulting in adversarial brute-force attempts on both services. In another proactive interaction, Managed S…”

T1021 Remote Services · 53%
“level of remediation following a security event is only possible through the use of Managed SIEM. Individual layers of the environment can be examined for IOCs holistically, giving the Huntress SOC a clearer strategy of defense toward partner environments in response to security …”

T1187 Forced Authentication · 31%
“level of remediation following a security event is only possible through the use of Managed SIEM. Individual layers of the environment can be examined for IOCs holistically, giving the Huntress SOC a clearer strategy of defense toward partner environments in response to security …”

Summary

How Huntress Managed SIEM turns signal recognition into defensive mastery.