Welcome to an Introduction to Network Threat Hunting by Bricata.
How do you detect something that hasn’t triggered an alert?
The role of the threat hunter is becoming an increasingly important facet of many mature cyber security programs. It seeks to address the ever-present gap that exist in the automated and in-place security solutions by proactively looking for threats and malicious activities that have remained undetected or failed to trigger an alert.
In this short webinar we will cover the broad definition of threat hunting, focusing on the network aspects of the activity. We will discuss key pillars for setting up a successful hunt and walk through the skills, processes, and tools that help make network threat hunting possible. You will learn the basics of how to develop a hunt hypothesis and how to apply frameworks like MITRE ATT&CK to keep your efforts focused and efficient. We will finish up by introducing some analytic techniques and use them to spot a few examples of anomalous or unusual threat-based network activity.