"Active Threat Hunting" - How to start?
June 16, 2023, 8:33 p.m. | /u/phen1306
For [Blue|Purple] Teams in Cyber Defence www.reddit.com

I work for a big company (10.000+ Clients) and we have a good security setup
(Endpoint protection, IPS, Professional WAFs, active Bloodhound Scans to find weak Account(Paths), 10 headed IRT Team, Full Sysmon-Log Forwarding to SIEM).
The company always focused on "we need to build up defense", which was a good idea back in the day.

But on nearly every training we join, on every modern blog we see, on every article we read:
"you need Active Threat …