Next at #bsidescbr2024 is Brody Nisbet from CrowdStrike on how to strategically perform threat hunting to gain an advantage against adversaries.
=> More informations about this toot | More toots from merospit@infosec.exchange
"It's probably not cyberwar and it's definitely not chess" - Brody Nisbet
[#]bsidescbr2024
Raising the costs of adversaries works because resourcing, and hence money, is always a factor.
[#]bsidescbr2024
A strategic Threat Hunting team needs to be separate from a day-to-day SOC, and should have clear priorities for each threat hunting project.
[#]bsidescbr2024
Discoveries by strategic threat hunters must promptly be transferred to incident responders with actionable details.
[#]bsidescbr2024
Discovery and follow-up can be slow but remediation should be quick.
[#]bsidescbr2024
An internal threat hunting team can understand the high-value priorities for each network, which can't easily be outsourced to vendors.
[#]bsidescbr2024