Testing Your Threat Hunt Platform



Join the new "Threat Hunting Community" Discord discussion server: https://bit.ly/3KRbEc9

0:00 - Before We Start
3:06 - Threat Simulation: Testing Threat Hunting Software
4:29 - OK, But Why?
6:11 - Approach
8:32 - Network Layout
9:11 - Setup
14:24 - Actual Testing
15:37 - Detecting DNS C2 Traffic
17:41 - DNS Live Demo
29:17 - What We Look For
30:08 - If Not Detected?
36:36 - Metasploit Framework
1:00:55 - More Information
1:01:45 - Questions From Discord Chat
1:16:44 - Peanut Butter & Jelly

Because Threat Hunting is such a new discipline, it's not always clear what Threats a particular package can detect. In this webcast, Bill Stearns and Keith Chew will walk you through testing your Threat Hunting software to make sure it is working properly and can detect different types of unwanted traffic. This is a walkthrough of the process for detecting DNS beaconing and Metasploit. After this webcast, you should be all set to do testing on the other threat traffic types.

In preparation for this webcast, check out our Threat Simulation blog series here: https://bit.ly/3G6iDKB

source: https://www.youtube.com/watch?v=whPqvIDfxvE

For more news, visit: https://sectemple.blogspot.com/
