Chapter 4: Threat Management – Detecting, Hunting, and Preventing

Blue teams are responsible for the organization's defensive security posture and must face threats aimed at every part of it, from endpoints and perimeter devices to employees. On the technical side, companies have deployed many kinds of security tooling, such as Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and eXtended Detection and Response (XDR), to detect threats across multiple components.

In this chapter, we extend the last part of the purple teaming process by diving deeper into the remediation step. Cyber threat management is a key process for reducing the risk identified as part of the ...

Get Purple Team Strategies now with the O’Reilly learning platform.
