Threat hunting is a proactive cyber security technique in which you scour networks, systems, and devices for anomalies to search for cyber threats. It is an important measure that allows analysts to dive deep into the attack surface and expose malicious threats. These advanced threats have often successfully infiltrated the initial endpoint security layers undetected. The core focus of threat hunting is to prevent sophisticated cyberattacks and advanced persistent threats from wreaking havoc within the network.
Discover 10 practical ways you can take advantage of the AI takeover and use ChatGPT to help you perform threat hunting and enhance your capabilities.
Welcome back to this series on building threat hunting tools! Today, see how interacting with APIs can help us threat hunt.
Learn about web scraping and how to create your own tool to scrape threat intelligence from CISA’s weekly vulnerability summary.
Discover how to integrate your cyber threat intelligence with your threat hunting tasks to create the perfect pipeline and streamline your operations.
Learn how to build your own threat hunting tools with Python in this new series! First, let’s find out why it is important to build your own tools.
Learn how attackers use the Windows Startup Folder to maintain persistence once they’ve compromised a machine. Then hunt for these malicious Startup Folder items.
Discover how to create your own custom Sigma rules to hunt for the latest threats that are affecting your environment and thwart threat actors.
Learn how attackers use Windows services to maintain persistence once they’ve compromised a machine. Then see how to hunt for these malicious services.
Learn how to use threat intelligence articles, the MITRE ATT&CK framework, and Sigma rules to perform threat-informed hunting using Splunk queries.
Learn how attackers use scheduled tasks to maintain persistence once they’ve compromised a machine. Then see how to hunt for these tasks.
Let’s explore the MITRE ATT&CK framework and find out why it’s a must-know tool for any cyber threat intelligence analyst looking to tackle the latest threats.
Learn how attackers use Windows registry keys to maintain persistence once they’ve compromised a machine. Then see how to hunt for these malicious keys.
Discover how to turn a bad guy’s day into a nightmare using the Pyramid of Pain to elevate your threat detections and increase the cost on adversaries.
Learn how to use Velociraptor’s threat hunting capabilities to identify malicious activity associated with real-world malware and threat actors in this demo.
Discover how to create a virtualized threat hunting environment and use Velociraptor as a threat hunting tool to sniff out malicious reverse shells.