-
Re: Infosec Hunt
-
Re: Infosec Hunt
Is there any differentiation between (pseudo) real-time hunting using Netflows and packet caps and sometime-after-the-fact event hunting using logged events? Having a SIEM look for account lockout events in syslog messages isn't what I think of as "threat hunting." To me, "hunting" is a human looking for things happening…
-
Re: Infosec Hunt
Hunt Teams are exactly what they sound like: teams of security professionals who prowl the network looking for compromise. The prevailing theory is that most companies are compromised and just don't know it yet. Members of the hunt team will begin looking for signs of a compromise and then go about fixing it. To rattle off…
-
Re: Infosec Hunt
To me hunting is finding the anomalies in a computer network that can lead to identifying loss or potential loss of the confidentiality, availability, or integrity of them without solely relying on traditional ([NH]I[PD]S, Antivirus, vulnerability scanners, Firewall) means of detection. Hunting is not automation,…