Showing posts from October, 2022

Threat Hunting: Get Started

Introduction

Threat hunting (detecting and finding things that you weren't previously aware of) has been around for a long time. Most 'medium maturity' organizations will attempt to set up some form of threat-hunting activity or program, but will find themselves stuck thinking about all the super cool advanced stuff and end up not actually doing anything at all. So, I've created this blog post to help get people on track to actually develop something for their organization.

Why bother?

You and your organization should be doing threat hunting because, at its heart, it is just an application of a foundational concept within cybersecurity: understanding what is going on in your consistency. Because of this, it's virtually impossible to not receive a return on investment. Start a hunt and find you haven't been collecting logs for the last 6 months? Great! That's a positive output from threat hunting! Start a hunt and find more shadow IT than you can

The first blog

Hi, I do a lot of research into threat hunting, detection engineering and security architecture. This place will be to store my loot (things I find interesting). Feel free to do whatever you like! I will try to keep the format of this blog as formal as possible, so if you want random insane ramblings about my loot you can stare at my Twitter.