Chapter 10: Leveraging Hunting to Inform Operations

In the previous few chapters, we focused in depth on using the Elastic Stack to perform hunt operations: searching through your data with the Discover app, building contextual visualizations and dashboards, and using the Security app to explore malicious endpoint and network activity.

A key factor in the success of hunt operations is how they are incorporated into traditional security and IT operations. Let's now explore how to strengthen an organization's protective posture. In this chapter, you'll learn about the incident response process, how threat hunters fit into that process, how threat hunters can do more than just find adversaries, and ...
