The evolution of Cyber Hunt Processes from IOCs to TTPs by HHS

Home
About Us
Authors
Contact Us
Submit News
Register
Sitemap

CISO STRATEGICS & LEADERSHIP
SOC OPERATIONS
THREAT INTEL
RED & BLUE TEAMS
INCIDENT RESPONSE
CSIRT
VULNERABILITIES
CYBER ATTACKS
RANSOMWARE
DDOS ATTACKS
HACKING

DATA BREACH
DEVSECOPS
IA SECURITY
ZERO TRUST
ARCHITECTURE
NETWORK SECURITY
CLOUD SECURITY
MOBILE & 5G SECURITY
IOT SECURITY
OT SECURITY
API SECURITY

SIEM
SOAR
DLP
EDR - XDR - MDR
CASB
WAF
ENDPOINT SECURITY
DNS SECURITY
AZURE SECURITY
OFFICE 365 SECURITY
AWS SECURITY
GCP SECURITY

INFORMATION SECURITY
APPLICATION SECURITY
GRC - GOVERNANCE - RISK & COMPLIANCE
SECURITY FRAMEWORKS
SDLC SECURITY
OSINT - HUMINT
TELCO & CARRIER SECURITY

The evolution of Cyber Hunt Processes from IOCs to TTPs by HHS

Agenda

• HHS OIS Organization
• The Early Days
• Malspam Grouping
• Hunting with TTPs
• Examples of Hunting with TTPs
• Hunting with TTPs: Frameworks (MITRE ATT&CK)
• Hunting with TTPs: SolarWinds
• Threat Hunting in a Federated Environment
• Threat Feeds
• STIX / TAXII
• STIX / TAXII: STIX
• STIX / TAXII: TAXII
• Collaborations
• Actionable Outcomes: “So What?”
• Metrics