Threat Hunting for Every SOC: How to Easily Attain a Hunting Life Cycle
Thursday, December 3, 2020
If you are a SOC analyst you know that the chase after attackers is endless, as they will always come up with new Tactics, Techniques, and Procedures (TTPs) to bypass organizational defenses. Cyber threat hunting is a proactive method for threat detection which relies on that very assumption – ATTACKERS ARE ALREADY IN. Finding their traces (past and present) is the starting point to stopping the attack.
Join Hunters to learn how you can easily include threat hunting cycles in your everyday SOC work. You’ll learn:
- Tips for using prevalent data sources and security products on cloud, network, and endpoint, to connect the dots between them
- We’ll show how to ask questions to correlate different data sources and discover potential threat actors
- We’ll provide an example of how to leverage EDR, Proxy or Email logs and cross those with Cloud logs
- How to mature an attack thesis and automate it to create high-fidelity alerts
- How to navigate through noisy detections and alerts
- How to create a cost-effective process to reduce threat exposure and increase visibility into different attack surfaces
Join us December 3rd to learn more.