Good Threat Hunting

Published: 14 May 2024
on channel: Packet Pushers

Have you ever noticed “threat hunting” in vendor products and wondered exactly what it means? Jamie Williams is here to explain: Threat hunting is the R&D of detection engineering. A threat hunter imagines what an attacker might try and, critically, how that behavior would show up in the logs of a particular environment. Then the threat hunter has to work out whether those logs would differ significantly from normal-use logs, because no one wants false alarms all the time. James explains how this process works within vendor companies, as well as how you can threat hunt on your own, with those pesky false alarms being a great place to start. And yes, you will hear the portmanteaus “thrunt” and “thrunters” quite a bit in this episode. Prepare yourself. This episode was recorded live at RSA Conference 2024 in San Francisco.

Packet Protector is part of the Packet Pushers network. Visit our website to find more great networking and technology podcasts, along with tutorial videos, the Human Infrastructure newsletter, and loads more resources for building your IT career. https://packetpushers.net

