Good Threat Hunting

Published: 14 May 2024
on channel: Packet Pushers

Have you ever noticed “threat hunting” in vendor products and wondered exactly what it means? Jamie Williams is here to explain: Threat hunting is the R&D of detection engineering. A threat hunter imagines what an attacker might try and, critically, how that behavior would show up in the logs of a particular environment. Then the threat hunter has to work out whether those logs would be significantly different from normal use logs, because no one wants false alarms all the time. James explains how this process works within vendor companies, as well as how you can threat hunt on your own, with those pesky false alarms being a great place to start. And yes, you will hear the portmanteaus “thrunt” and “thrunters” quite a bit in this episode. Prepare yourself. This episode was recorded live at RSA Conference 2024 in San Francisco.

. . . . .
Packet Protector is part of the Packet Pushers network. Visit our website to find more great networking and technology podcasts, along with tutorial videos, the Human Infrastructure newsletter, and loads more resources for building your IT career. https://packetpushers.net

