From the course: Advanced Threat Hunting on Active Directory

Getting familiar with the threat hunting process

- [Narrator] Imagine you're a detective, but instead of solving crimes in the physical world, you're uncovering hidden threats inside your network. This is the essence of threat hunting, a proactive approach to cybersecurity that goes beyond automated defenses to seek out potential dangers lurking within your network. To get started, let's break down the threat hunting process into its key stages. First, it all begins with a hypothesis. For example, you might wonder, what if an attacker is using a new type of malware that our current systems can't detect? This hypothesis sets the stage for your investigation. Next, you gather data. This involves collecting logs, network traffic, and other relevant information from your systems. The goal is to find evidence that either supports or refutes your hypothesis. It's like piecing together a puzzle where each data point brings you closer to understanding the bigger picture. Once you have your data, it's time to analyze it. One common technique…
