SOC, SOAR, Threat Hunting, SANS 6-step IR, The Diamond Model of Intrusion Analysis, Cyber Threat Intelligence, MaGMa Use Case Framework
Improve your SOC: SOAR or Threat Hunting or both?
June 23, 2020
Based on the sophistication and constant change of the threat landscape in the cyber space, many mature organizations have identified the necessity to improve the detection, analysis and response capabilities of their Security Operation Center (SOC). Currently, security analysts are often engaged with trivial copy-paste or other annoying low-level tasks rather than gaining a deep understanding...
Continue ReadingBlog archive
2019
2018
- Resilient Workflows and Playbooks
- Implementation – STIX knowledge and relevance graph – steps 16-21
- Implementation – Related IP Addresses – steps 11-15
- Implementation – STIX bundle – steps 7-10
- Implementation – Overview – steps 0-6
- Solution Draft
- Current Security Operations and DFIR problems
- Operationalizing the MITRE ATT&CK framework for Security Operations, Threat Hunting and DFIR
Sign up for FREE online training sessions Intelligence-driven Threat Hunting for improving SOC maturity level
with SOAR, MITRE ATT&CK, SANS 6-step IR, The Diamond Model of Intrusion Analysis, Cyber Threat Intelligence, MaGMa Use Case Framework and more
Abstract:
In order to increase their maturity level, SOC organizations frequently introduce intelligence-driven Threat Hunting. Benefits of intel-driven Threat Hunting are... Read more
Rukhsar's recent GCFA Gold paper
December 2019
Read Rukhsar's recent GCFA Gold paper with the title Threat Hunting and Incident Response in a post-compromised environment
