Practical threat intelligence and data-driven threat hunting : a hands-on guide to threat hunting with the ATT&CK framework and open source tools /
Gazcon, Valentina Costa-
Practical threat intelligence and data-driven threat hunting : a hands-on guide to threat hunting with the ATT&CK framework and open source tools / Valentina Costa-Gazcon - Birmingham, UK : Packt Publishing, Limited, c2021 - 398 pages : illustrations ; 24 cm.
Includes index.
What is Cyber Threat Intelligence? -- What is Threat Hunting? -- Where Does the Data Come From? -- Mapping the Adversary -- Working with Data -- Emulating the Adversary -- Creating a Research Environment -- How to Query the Data -- Hunting for the Adversary -- Importance of Documenting and Automating the Process -- Assessing Data Quality -- Understanding the Output -- Defining Good Metrics to Track Success -- Engaging the Response Team and Communicating the Result to Executives.
Threat hunting is the act of proactively tracking and eliminating adversaries from your network as early as possible. Practical Threat Intelligence and Data-Driven Threat Hunting covers both threat intelligence and the act of threat hunting from the first steps to advanced practices.
9781838556372
COMPUTER SECURITY
TK 5105.875.I57 .G39 2021