401 Class 33: Threat Hunting with Security Onion - nataliabdallah/codefellows-ops-reading-notes GitHub Wiki


Reading/Video What Is Threat Hunting and Why Is It so Important? – Video Blog

How are Threat Hunting and Pentesting different?

Both of these roles would be used in the same scenario: a pentester would execute a cyber attack, while a threat hunter would go beyond the system's security measures, using tools and their talent to seek out threats that evaded those security measures.

What is the primary objective of Threat Hunting?

  • To find any threats that were not picked up by the security measures put in place, and to improve upon the overall security system.

Your organization has a fully functioning SOC but not active Threat Hunting. How would you advocate for your security organization to start Threat Hunting activities?

  • When pen-testing events are taking place, suggest that these be broken up into two teams, and point out that we are already doing active threat hunting, but show how to improve upon it.

Bookmark and Review

  • Active Countermeasures: the creator of the RITA tool, AC is an excellent resource for threat hunting tools and topics.
  • SQRLL Archive: "From about 2015 until they were purchased by Amazon Web Services (AWS) in early 2018, Sqrrl was a threat hunting platform vendor with an unusually strong focus on teaching the cybersecurity community about threat hunting best practices. They published some of what are still foundational documents about threat hunting."