How to Start Threat Hunting: A Threat Hunting Overview - Deep Dive or Dabble?



In the world of cyber security, you don’t just “go threat hunting”. You need to have a target in mind, you need to look in the right places and you need the right weapons. In this real training for free session, we will discuss how to start threat hunting and the minimum toolset and data requirements needed. We will take into account that while some of you can devote most of your time to threat hunting, most of us have limited time and resources for this activity. The good news is that threat hunting is flexible and anyone can do it, ranging from a few hours a week to full-time.

In this webinar with Randy Franklin Smith (of Ultimate Windows Security) we work through a total of 7 types of threat hunting:

- Recognizing suspicious software
- Scripting abuse
- AV follow-up
- Lateral movement
- Persistence
- DNS abuse
- Bait-the-bad-guy

Nathan Quist (aka “Q”) joins from the LogRhythm side. Q is a Threat Research Engineer who works with LogRhythm’s internal SOC team and our clients to perform deep dives into their environments to uncover threats facing our industry. His presentation will highlight how LogRhythm’s NextGen SIEM platform, leveraging easily configurable or even out-of-the-box content, can automate the process of threat hunting. In addition, he deep dives into the value of effectively parsed data, how to find abnormalities (not just alarms) and how LogRhythm plays nicely with other tools that are critical for threat hunting.

source: https://www.youtube.com/watch?v=ArK8sqDGYVI

For more news, visit: https://sectemple.blogspot.com/
