Posts

Showing posts from September, 2024

Threat Hunting Part 1 - The Basics

This will be the first of many posts I will be making with a focus on Threat Hunting and Detection Engineering for SOC Analysts and any other Blue Team or Blue Team-adjacent security professionals. My goal is to assist analysts in their own efforts within their organization to engage in proactive security measures via any and all avenues of Threat Hunting. So... what is Threat Hunting? Everyone reading this likely already has a general idea of what Threat Hunting is, but I think it is always important for any analyst or security professional to thoroughly understand what we are trying to accomplish when Threat Hunting is discussed and performed. There are a few different definitions, but the core of Threat Hunting is that it is a form of proactive security, meaning that instead of what we typically imagine the average security analyst's job to look like (i.e. surviving as a semi-alive, barely human alert jockey), Threat Hunting allows us to act off of our o...