Threat Hunting: Methodologies, Tools and Tips
InfosecTrain - Podcast tekijän mukaan InfosecTrain
Kategoriat:
Threat Hunting is a proactive method used by Security Analysts for identifying unfamiliar or non-remediate cyber threats in the organization’s network. It includes searching iterative methods to identify indicators of compromise, threats such as Advanced Persistent Threats (APTs), and Hacker tactics, techniques, and procedures (TTP), which damage the existing system. A threat hunting program is based on data analysis, in which an organization has an enterprise security system that collects a huge amount of data. The information collected from it includes confidential clues for Threat Hunters. The art of threat hunting goes beyond the traditional detection approach, such as Security information and event management (SIEM), Endpoint detection and response (EDR), and others. They search for hidden attackers and look for patterns of suspicious activities. To prevent any other cyberattacks from recurring, they patch an enterprise’s security system. View More: Threat Hunting: Methodologies, Tools and Tips