11

Threat Hunting and Analysis of TTPs

In Chapter 3, the section on detection and analysis covered many possible methods of discovering cybersecurity incidents. Alerts from security controls, notifications from internal teams about suspicious behavior, and external notifications from subcontractors, counterparties, law enforcement agencies, and cyber threat intelligence vendors still don't guarantee a holistic defense. Since 2017, the cybersecurity community has followed a new trend in proactive cyber threat discovery by applying the threat hunting process. Many vendors have tried to capitalize on this idea, misleading their clients with marketing tricks. As a result, a lot of companies pull IoCs from cyber threat intelligence providers, applying ...
