Active Countermeasures Webcast
Network Threat Hunting Runbook
We all know what threat hunting is in general terms; its when we actively search our network for compromised systems. But what does that mean exactly and what process should we be following? Can I simply check network traffic to see if the evil bit is set, or is there a bit more to it than that?
In this webcast we walk you through the methodology of doing a network threat hunt. We talk about what steps to perform and in what order. We also look at some of the tools and online resources you can leverage to expedite the process. In short, this Webcast is a runbook you can leverage for validating the integrity of each of your internal endpoints.
Additionally, we have documented some of what is covered in this webcast as a reference in our blog post: How to Threat Hunt Your Network.
Presented by: Chris Brenton & John Strand