Chapter 15
Introduction to Threat Hunting
This chapter covers the following topics:
Threat Hunting and MITRE’s ATT&CK
Threat Hunting, Honeypots, Honeynets, and Active Defense
No security product or technology in the world can detect and block all security threats in the continuously evolving threat landscape, regardless of the vendor or how expensive it is. For this reason, many organizations are tasking senior analysts in their computer security incident response team (CSIRT) and their security operations center (SOC) to hunt for threats that may have bypassed the security controls that are in place. This gap is why threat hunting exists. Threat hunting is the act of proactively ...