CHAPTER 9

Introduction to Threat Hunting

In this chapter, we cover the following topics:

•   Threat hunting basics

•   Normalizing data sources with OSSEM

•   Data-driven hunts using OSSEM

•   Hypothesis-driven hunts using MITRE ATT&CK

•   The Mordor project

•   The Threat Hunter Playbook

What is threat hunting? Threat hunting is based on the assumption that an adversary is already in the network and you need to track them down. It requires substantial knowledge of (1) how adversaries operate and (2) how systems behave both normally and when under attack, so the topic cannot be covered fully in this chapter. However, we aim to give you an overview of the basics, from which you can expand over time. ...

Excerpted from Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition (O’Reilly learning platform).