Threat Hunting 101: 8 Threat hunts you can do with available resources
In this white paper, we will discuss the minimum toolset and data requirements you need for successful threat hunting. We will take into account that, while some readers can devote most of their time to threat hunting, like most, you have limited time and resources for this activity. The good news is that threat hunting is flexible, and anyone can do it, regardless if you are spending just a few hours a week to full time.
Threat hunting is the process of proactively searching for malware or attackers that reside on your network. The generally accepted method is to leverage a security information and event management (SIEM) solution that centrally collects log data from disparate sources — endpoints, servers, firewalls, security solutions, antivirus (AV), and more — providing visibility into network, endpoint, and application activity that might indicate an attack.
The challenge with threat hunting is knowing what to look for. So, this white paper explores eight types of threat hunts that you can use to spot suspicious abnormalities that might be a leading or active indicator of threat activity. Download to find out more!
Read More
By submitting this form you agree to LogRhythm contacting you with marketing-related emails or by telephone. You may unsubscribe at any time. LogRhythm web sites and communications are subject to their Privacy Notice.
By requesting this resource you agree to our terms of use. All data is protected by our Privacy Notice. If you have any further questions please email dataprotection@techpublishhub.com
Related Categories: Applications, Email, Email Management, Endpoint Security, Event Management, Finance, Firewall, Linux, Malware, Network, Operating System, Sales, SAN, Server, Software, VPN, Windows Server
More resources from LogRhythm
Threat Hunting 101: 8 Threat hunts you can do...
In this white paper, we will discuss the minimum toolset and data requirements you need for successful threat hunting. We will take into account th...
Using MITRE ATT&CKâ„¢ in Threat Hunting and D...
MITRE ATT&CK â„¢ is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK provides a co...
Dissecting a Cloud Attack: Securing Azure wit...
Microsoft Azure is one of the fastest-growing cloud infrastructure services. Unfortunately, the advantages associated with the cloud come with uniq...
