Threat Hunting 101: 8 threat hunts you can do with available resources


Threat hunting is the process of proactively searching for malware or attackers that already reside on your network, starting from a hypothesis about attacker behaviour rather than waiting for an alert. The generally accepted method is to leverage a security information and event management (SIEM) solution that centrally collects log data from disparate sources — endpoints, servers, firewalls, security solutions, antivirus (AV), and more — providing visibility into network, endpoint, and application activity that might indicate an attack.

In this white paper, we will discuss the minimum toolset and data requirements you need for successful threat hunting. We will take into account that, while some readers can devote most of their time to threat hunting, most, like you, have limited time and resources for this activity. The good news is that threat hunting is flexible, and anyone can do it, regardless of whether you spend just a few hours a week on it or work on it full time.

Provider: LogRhythm EMEA   |   Size: 3.52 MB   |   Language: English
Keep Reading:

Using MITRE ATT&CK™ in Threat Hunting and Detection

MITRE ATT&CK is an open framework and knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK provides a common taxonomy of the tactical objectives of adversaries and their methods. Having a taxonomy by itself has many valuable uses, such as providing a common vocabulary for exchanging information with others in the security community. But it also serves as a real technical framework for classifying your current detection efforts and identifying gaps where you are blind to certain types of attack beh ...
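The two abstracts above describe the same loop from both ends: hunts run over centrally collected logs, and each hunt is labelled with the ATT&CK technique it tests so that coverage gaps fall out of the same inventory. The following is an added example, not code from LogRhythm, MITRE or either white paper. The event records, field names and hunt rules are constructed for illustration; the technique IDs (T1059.001, T1053.005, T1003.001, T1021.001, T1078) are real ATT&CK identifiers, and the "priority" list a team would compare against is an assumption.

```python
"""Hypothesis-driven hunts over SIEM-normalised process events, each mapped
to an ATT&CK technique, plus a coverage-gap report. Added example; the
events and rules below are constructed, not taken from any product."""
from collections import Counter, defaultdict

# Constructed process-creation events. Field names are hypothetical and
# would normally come from the SIEM's normalised schema.
EVENTS = [
    {"host": "ws01", "user": "alice", "parent": "explorer.exe", "image": "winword.exe",
     "cmdline": "winword.exe /n report.docx"},
    {"host": "ws01", "user": "alice", "parent": "winword.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"host": "srv02", "user": "svc_backup", "parent": "services.exe", "image": "backup.exe",
     "cmdline": "backup.exe --nightly"},
    {"host": "ws03", "user": "bob", "parent": "cmd.exe", "image": "schtasks.exe",
     "cmdline": "schtasks.exe /create /tn Updater /tr C:\\Users\\Public\\u.exe /sc minute"},
    {"host": "ws03", "user": "bob", "parent": "explorer.exe", "image": "chrome.exe",
     "cmdline": "chrome.exe"},
    {"host": "dc01", "user": "admin", "parent": "cmd.exe", "image": "procdump.exe",
     "cmdline": "procdump.exe -ma lsass.exe lsass.dmp"},
]

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
ENCODED_FLAGS = {"-e", "-enc", "-encodedcommand"}


def _tokens(e):
    return e["cmdline"].lower().split()


# Each hunt: the ATT&CK technique it tests and a predicate over one event.
# The hypothesis is the hunt name; the technique ID is what feeds coverage.
HUNTS = {
    "office_spawns_shell": ("T1059.001",
        lambda e: e["parent"] in OFFICE and e["image"] in SHELLS),
    "encoded_powershell": ("T1059.001",
        lambda e: e["image"] == "powershell.exe" and ENCODED_FLAGS & set(_tokens(e))),
    "schtasks_from_user_path": ("T1053.005",
        lambda e: e["image"] == "schtasks.exe" and "/create" in _tokens(e)
                  and "\\users\\" in e["cmdline"].lower()),
    "lsass_dump": ("T1003.001",
        lambda e: "lsass" in e["cmdline"].lower() and e["image"] != "lsass.exe"),
}


def run_hunts(events, hunts=HUNTS):
    """Return {hunt_name: [matching events]} for every hunt that fired."""
    hits = defaultdict(list)
    for e in events:
        for name, (_tid, pred) in hunts.items():
            if pred(e):
                hits[name].append(e)
    return dict(hits)


def hits_by_technique(hits, hunts=HUNTS):
    """Roll hunt results up to ATT&CK technique IDs (one event can count under
    several hunts that map to the same technique)."""
    counts = Counter()
    for name, events in hits.items():
        counts[hunts[name][0]] += len(events)
    return counts


def coverage_gaps(priority_techniques, hunts=HUNTS):
    """Technique IDs the team has prioritised but has no hunt mapped to."""
    covered = {tid for tid, _ in hunts.values()}
    return sorted(set(priority_techniques) - covered)


if __name__ == "__main__":
    # Hypothetical priority list a team might derive from threat intel.
    priority = ["T1059.001", "T1053.005", "T1003.001", "T1021.001", "T1078"]
    hits = run_hunts(EVENTS)
    for name, events in hits.items():
        print(name, HUNTS[name][0], [(e["host"], e["image"]) for e in events])
    print("per technique:", dict(hits_by_technique(hits)))
    print("gaps:", coverage_gaps(priority))
```

The predicates are deliberately narrow; in practice each hunt would be a saved SIEM query against the same normalised fields, and the point of the mapping is that adding or retiring a query immediately changes the gap report rather than a separately maintained spreadsheet.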


The Security Operations Maturity Model Quick Reference Guide

Organisations should think of security operations as a critical business process. Effective security operations are the first line of defence when it comes to preventing cyberattacks. To accomplish this, organisations need mature programs that leverage people, process and technology to rapidly detect and respond to sophisticated attacks.

Yet some organisations struggle with the overall effectiveness of their security operations. They also lack the basis for measuring the effectiveness and maturing capabilities. A mature security operation e ...


Laying the Foundation for Hybrid Cloud

VMware helps thousands of customers modernize their IT environments and adopt the latest cloud technologies. This overview contains stories from two VMware customers who charted unique paths to the hybrid cloud. One focused on improving application agility and moving off OpenStack to outpace competitors. The other focused on IT scale in the face of planned growth. Both started from a point of basic compute virtualization.

Read on to find out what challenges they faced, how they approached modernization and the results they achieved with a fo ...


Five Common Pitfalls of HCI and How to Avoid Them

Whether deploying advanced analytics to optimize offerings, building next-gen online storefronts or creating self-service experiences for customers, businesses today are app-driven.

Many organizations are deploying both traditional and modern apps across a diverse infrastructure landscape that spans data centers, private and public clouds, and edge environments, and want a consistent way to manage them. They’re also looking for ways to optimize existing investments for long-term business impact. Traditional three-tier architectures—which are ...


Three Compelling Reasons to Consolidate on Hyperconverged Infrastructure

IT teams are under constant pressure to evolve their operations because traditional infrastructure—typically composed of sprawling, siloed, and complex storage solutions—often can’t keep up with the pace of change that modern organizations demand.

IT must evolve to take advantage of technological advancements, such as hybrid cloud architectures and cloud-native applications, which offer more agility, resources and scale that result in faster time-to-market for digital products and services. If organizations fail to upgrade legacy infrastruc ...
