Book description
Beyond incident response and threat intelligence operations, threat hunting can provide an extra layer of defense for your company’s network. In many organizations, security analysts initiate threat hunting when they spot something weird—network conditions or activity not easily explained—in an effort to catch subtle, more deeply embedded attackers. With this practical ebook, you’ll explore how this method works and learn how to stage an effective threat hunting program and evaluate the results.
Author Michael Collins, chief scientist for the network security and data analysis company RedJack in Washington, DC, explains why threat hunting is an ideal support for your existing security operations center. With both architecture and attacks constantly changing, proactive threat hunting will help security analysts and security managers discover how your company’s assets really work.
- Learn about the process, goals, and benefits of threat hunting
- Examine your organization’s readiness for threat hunting, including the resources, data, and personnel you need
- Delve into the process using a typical threat hunting workflow
- Get a brief encyclopedia of threat hunting techniques, including core concepts and situational awareness
- Explore resources for additional threat hunting strategies and techniques
Table of contents
- An Introduction to Threat Hunting
- 1. Threat Hunting and Its Goals
- 2. Should You Hunt?
- 3. A Hunting Process
- 4. A Dictionary of Threat Hunting Techniques
- 5. References and Further Reading
Product information
- Title: Threat Hunting
- Author(s): Michael Collins
- Release date: May 2018
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492028253