12 Understanding the Output
In the previous chapter, we covered the importance of having a good data management process established and discussed how the lack of one would affect our hunts. In this chapter, we are going to cover what to do with data when running our queries outside of our lab environment and what to consider when refining our queries. Deciphering the output of data analysis is crucial in threat hunting, since a precise interpretation can be the difference between detecting a threat and missing it.
In this chapter, we're going to cover the following ...
Get Practical Threat Intelligence and Data-Driven Threat Hunting - Second Edition now with the O’Reilly learning platform.