Using MITRE ATT&CK™ in Threat Hunting and Detection
Published by LogRhythm
Threat hunting is the process of proactively searching for malware or attackers that reside on your network . The generally accepted method is to leverage a security information and event management (SIEM) solution that centrally collects log data from disparate sources — endpoints, servers, firewalls, security solutions, antivirus (AV), and more — providing visibility into network, endpoint, and application activity that might indicate an attack . In this white paper, we will discuss the minimum toolset and data requirements you need for successful threat hunting . We will take into account that, while some readers can devote most of their time to threat hunting, like most, you have limited time and resources for this activity . The good news is that threat hunting is flexible, and anyone can do it, regardless if you are spending just a few hours a week to full time.
In order to provide you with this free service, we may share your business information with companies whose content you choose to view on this website.
System Security, Antivirus, Identity and Access Management (IAM), Firewall, Network Detection and Response (NDR)