"Active Threat Hunting" - How to start?
June 16, 2023, 8:33 p.m. | /u/phen1306
For [Blue|Purple] Teams in Cyber Defence www.reddit.com
I work for a big company (10.000+ clients) and we have a good security setup
(endpoint protection, IPS, professional WAFs, active BloodHound scans to find weak Account(Paths), a 10-headed IRT team, full Sysmon log forwarding to SIEM).
The company always focused on "we need to build up defense", which was a good idea back in the day.

But in nearly every training we join, on every modern blog we see, in every article we read:
"you need Active Threat …