Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Hunting

splunk

The Threat Hunting Guide: Everything To Know About Hunting Cyber Threats

Apr 26, 2023 By David Bianco In Splunk
Threat hunting has become an increasingly important aspect of cybersecurity, as organizations strive to identify and mitigate security incidents that automated systems may have missed. Yes, the definition of threat hunting can vary, and it generally involves a combination of manual and machine-assisted processes driven by human curiosity and pattern recognition.
Read Post

2023 SANS Threat Hunting Survey Focusing on the Hunters and How Best to Support Them

Apr 24, 2023 By Corelight In Corelight
As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect.
View Video
graylog

Threat Hunting vs Incident Response for Cyber Resilience

Apr 18, 2023 By The Graylog Team In Graylog
Protecting data and protecting business continuity are both similar and different. In a data driven world, your mission as a security analyst is to prevent threat actors from gaining unauthorized access to sensitive data and systems. Simultaneously, you also need to investigate incidents rapidly, ensuring that critical services experience as little downtime as possible.
Read Post
splunk

Introducing the PEAK Threat Hunting Framework

Apr 18, 2023 By David Bianco In Splunk
Cybersecurity is an ever-evolving game of cat and mouse. As security experts come up with new ways to protect valuable digital assets, cybercriminals develop craftier techniques to bypass these defenses. Enter threat hunting – the proactive practice of ferreting out those sneaky cyber-rodents.
Read Post

Threat Hunting Fundamentals: Why Network Data Should Be At Core of Your Process

Apr 17, 2023 By Corelight In Corelight
Speakers: AJ Nurcombe (Corelight), Brandon Dunlop (ISC2) Threat hunting is a challenge to get right, with many potential pitfalls. There are twenty different definitions for threat hunting and ten different ways to do it. Organisations vary from having zero presence in their threat hunting program to multiple full-time hunters, but unfortunately, they often miss many critical pieces. This webinar will cover the common oversights that organisations fall foul of as well as emphasising the importance of network evidence in your threat hunting framework.
View Video
CrowdStrike

Behind the Curtain: Falcon OverWatch Hunting Leads Explained

Apr 17, 2023 By Falcon OverWatch Team In CrowdStrike

Most hunting enthusiasts agree that the thrill of hunting lies in the chase. Equipped with experience and tools of their trade, hunters skillfully search for signs of prey — a broken twig, a track in the mud. CrowdStrike® Falcon OverWatch™ threat hunters are no different. They search for signs of their prey — of adversaries lurking in the dark — and these signs are called hunting leads.

Read Post
Trustwave

How Advanced Continual Threat Hunting Takes MDR and Cybersecurity to the Next Level

Apr 14, 2023 By Trustwave In Trustwave

When researching which managed detection and response (MDR) service provider to partner with, security professionals would do well to consider whether the provider also has experience with threat hunting, a topic we covered in a previous post. As with MDR, however, threat hunting offerings can vary dramatically, and an innovative, human-led form promises significant gains in terms of cyber protection: advanced continual threat hunting.

Read Post
Trustwave

Why Threat Hunting is Crucial to a Managed Detection and Response Service

Apr 7, 2023 By Trustwave In Trustwave

Managed detection and response (MDR) is justifiably one of the fastest-growing areas of cybersecurity, with Gartner estimating 50 percent of organizations will be using MDR services by 2025. But in choosing an MDR service, security pros should take into consideration what kind of expertise the provider can bring to bear – and how that expertise should extend beyond the MDR service itself.

Read Post
splunk

Using Workflow Actions & OSINT for Threat Hunting in Splunk

Apr 3, 2023 By Ryan Kovar In Splunk
Picture yourself, a threat hunter using Splunk, and the words "workflow action" are uttered by your helpful security Splunker... Workflow actions make you a faster and more effective security analyst. They allow you to skip the laborious steps of logging into various websites to do your job and just get straight to business.
Read Post
Torq

How Continuous Threat Hunting Addresses Potential Okta Password Exposure Via Failed Login Attempts

Mar 27, 2023 By Leonid Belkind In Torq

Last week, the incident response firm Mitiga published research outlining the potential exposure of Okta passwords of organizational users. The method involves a mistaken entry of one’s password in the username field in an Okta login interface – something that, according to the research, is not an infrequent occurrence.

Read Post
Subscribe to Threat Hunting

Copyright © 2024 OpsMatters™. All rights reserved.