LATEST INTELLIGENCE
paying for it. The computer’s books didn’t quite balance; last month’s bills of $2,387 showed a 75-cent shortfall.”
This 75-cent difference was the indicator that led to the discovery of multiple corporations and government systems that were compromised. The term “interesting” is used throughout this guide and it is only limited by your imagination.
WHY CONDUCT A THREAT HUNT?
Most host- or network-based detection systems rely on matching, otherwise known as signatures, to generate alerts to signal defenders that there is something unwanted in the network. However, attackers are continually evolving to evade detection, and signatures are developed only after the artifact was discovered in another network. So, if you’re not hunting for artifacts in your environment, how will you discover that attackers are evading your current defenses?
Hunting has several positive outcomes. The first is you might find artifacts of an active intruder that your current defenses missed. While some may think this is a tragedy, it can be a huge win, especially if the intruder hasn’t completed their objective(s). In every hunt, there’s always something to find.
You may discover network or software misconfigurations that pose a threat, either because they degrade network performance or introduce a vulnerability. Next, the hunt could yield run-of-the-mill infections such as adware, or other dormant malware that aren’t directly targeting your organization but are still a threat. Lastly, resource abuse and Shadow IT, services that are not officially supported, can introduce risk through degraded network performance or new adversary attack vectors. Every hunt teaches you something new about the network which will aid in your next investigation.
www.intelligentcio.com INTELLIGENTCIO MIDDLE EAST 23