DFIR

The Who, What, Where, When, Why and How of Effective Threat Hunting

Excellent paper from Robert M. Lee and Rob Lee about what it is Threat Hunting, when you should implement it, how to make it more effective; whom should be taking care of this role, in which part of your organization should be located, among other things.

Highly recommended if you’re interested on the Intelligence methodologies and implementing this practice on your company’s maturity model.

You can find this paper at the SANS DFIR community here.

Standard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s