Sqrrl
About Us
Founded: 2012
Company Size: 51-200 employees
Company Type: Private
Location: Cambridge, MA
Website:
Sqrrl is the Threat Hunting Company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading Threat Hunting Platform unites link analysis, User and Entity Behavior Analytics (UEBA), and multi-petabyte scalability capabilities into an integrated solut ...
Promoted Content
Threat Hunting Past, Present, and Future: A Discussion with the Original GE CIRT Incident Handlers
Why is threat hunting an important skill to learn? Check out this 3-minute YouTube video for the answer: https://www.youtube.com/watch?v=_wNv6h_23lo
How to Fill in Threat Detection Gaps: an Expert Interview
Danny Akacki currently works as part of a hunt team at a Fortune 100 company in the financial sector. He started threat hunting at Mandiant as part of David Bianco’s team, and has spent the past four years working in threat hunting and incident response.
Key Takeaways:
- Embrace “purple teaming.” The best SOCs have red team and blue team analysts that closely coordinate with each other to share information.
- A good way to establish baselines for network behaviour is to use ...
Why Do You Need a Hunt Team? The Surprising Answer
You’ve probably heard this a million times now: “You need a hunt team”. This is true, as far as it goes, but why? For most people, the initial answer is probably something close to this: “So we can find bad guys on our network”. Again, this is true, but would it surprise you to learn that finding the bad guys is probably the least important reason to have a hunt team?
The Big Three Reasons
Although there are probably as many reasons to have a hunt team as there a ...
Cyber Incident Investigation Series: Investigating Attack Scopes
By Chris Sanders
As defenders, the critical moment is when we've determined that an attacker's attempt to gain a foothold onto the network was successful. This sets off a chain of investigative activity where we follow breadcrumbs through our data to understand where the attacker went, what their mission is, and what they took. As these breadcrumbs are uncovered, we don't just have to follow their path; we also must ascertain if similar evidence can be found at other points on the network. ...
Building a Top-Tier Hunt Team: an Interview with Alan Orlikoski
Alan Orlikoski has over 15 years of experience in both the private and public sectors of the IT industry. He has designed and implemented defense solutions for government and Fortune 100 companies. He has more recently participated on teams tasked to assess and advise Fortune 100 clients, with a focus on maturing an organization’s ability to more quickly and effectively detect, respond to, and contain targeted attacks.
Key Takeaways:
A good hunter is a “jack of all trades” and is able t ...
Answering Questions Before They’re Asked (Guest Article by Chris Sanders)
Investigations are all about iterating through evidence that helps you make decisions about what events transpired on your network. That sounds easy enough, but asking the right questions and identifying the data you need to answer them is tricky. This problem manifests in two ways. First, not having enough of the right data means you may be unable to answer the questions that will move the investigation forward. Conversely, having too much data may be overwhelming with a tremendous number of fi ...
Ryan Nolette and Adam Fuchs are teaming up for tomorrow's webinar training session "Threat Hunting for Lateral Movement" @ 2 pm ET | 1 pm CT | 11 am PT. Sign up: http://info.sqrrl.com/threat-hunting-lateral-movement
Retracing Investigation Steps When Threat Hunting
Finding evil is all about asking the right questions, finding answers, and using those answers to ask more questions. Each question and answer represent a decision point, branching the investigation off down a new path. The path of the analyst is far from linear, and sometimes we need to go back and retrace our steps to work from a previous decision point. Just like Hansel and Gretel left breadcrumbs along their path through the woods, we too need breadcrumbs to ensure that we’re fully explori ...
Hunter Profile: Pietro Bempos
Sqrrl's Hunter Profile series collects tips, tricks, and experiences from leading threat hunters. Our latest profile is on Zurich Insurance's Pietro Bempos. Check out more Hunter Profiles here.
Who are you?
Hello, my name is Pietro Bempos. I wrote my first computer program on my Amstrad CPC 6128 in 1989, and since then I haven’t stopped working with computers. I've worked professionally in IT for 10+ years and most recently have become a full time Threat Hunter. You can find m ...
Threat Hunter Profile: Quantum Security's James Bower
Our Threat Hunter Profiles series interviews leading hunters for their tips, tricks and stories. Read James' profile on our blog and check out the full profile series here!
Who are you?
My name is James Bower, and I’m a threat researcher and hunter for Quantum Security here in Atlanta. I currently advise and consult on threat hunting and red/blue team services for a handful of companies in metro Atlanta. I’ve been consulting in InfoSec for over a decade now and have been hunting in some form ...
Enterprise Cyber Threat Hunting using Big Data
This interview by TAG Cyber CEO Ed Amoroso was originally published here. The proper role for humans in real-time cyber security has not always been crystal clear. My belief two decades back was that automation should feed prioritized alarms to friendly operators wearing headsets (think colorful ADT brochure), and that customers would receive timely notifications whenever something was amiss in their network. It was a logical, attractive view of cyber operations – and it was wrong. The problem ...
Check out our newest threat hunter profile on Ryan Nolette, with his tips, tricks, and walkthrough of uncovering a major enterprise breach! http://blog.sqrrl.com/threat-hunter-profile-ryan-nolette
Four Common Threat Hunting Techniques with Sample Hunts
The buzz around threat hunting continues to build. Anton Chuvakin at Gartner is developing his first paper on the topic, and Richard Bejtlich recently unearthed the origins of the concept in his blog. However, the security industry is still in need of practical examples of how to hunt. In this post, I’ll give you a quick refresher on a few common hunting techniques and show you what they look like in practice with two example hunts:
Example 1: Utilizes a list ...
Get tips from veteran security analysts in our Threat Hunter Profile series! Our newest profile is on Kris Merritt of Vector8. Check out his tips on tools and intelligence sources (and hear about the time his team detected a Russian state actor!) http://blog.sqrrl.com/threat-hunter-profile-kris-merritt
Sign up for our March 1st training session on uncovering advanced threats using DNS and data science! http://sqrl.ly/2kHVZ36