Threat Hunting


Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.

After sneaking in, an attacker can stealthily remain in a network for months as they quietly collect data, look for confidential material, or obtain login credentials that will allow them to move laterally across the environment.

Once an adversary has evaded detection and an attack has penetrated an organization’s defenses, many organizations lack the advanced detection capabilities needed to stop advanced persistent threats from remaining in the network. That’s why threat hunting is an essential component of any defense strategy.

GLOBAL CYBER VISION’S THREAT HUNTERS ASSUME THAT ADVERSARIES ARE ALREADY IN YOUR SYSTEM.

The trigger for an investigation typically falls into one of three main categories:

  1. Hypothesis-driven investigation

Hypothesis-driven investigations are often triggered by a new threat that’s been identified through a large pool of crowdsourced attack data, giving insights into attackers’ latest tactics, techniques, and procedures (TTPs).

  2. Investigation based on known Indicators of Compromise or Indicators of Attack

This approach to threat hunting involves leveraging tactical threat intelligence to catalog known IOCs and IOAs associated with new threats.

  3. Advanced analytics and machine learning investigations

The third approach combines powerful data analysis and machine learning to sift through a massive amount of information in order to detect irregularities that may suggest potential malicious activity.

All three approaches are human-powered efforts that combine threat intelligence resources with advanced security technology to proactively protect an organization’s systems and information.