Threat Hunting Playbooks for MITRE Tactics – Starting your first threat hunting today by PRASANNAKUMAR B MUNDAS

Threat Hunting Playbooks for MITRE Tactics - Starting your first threat hunting today by PRASANNAKUMAR B MUNDAS

ABSTRACT
This document will help and guide you to start your first threat hunting based on MITRE ATT&CK Tactics.

Objective:
Identify potential reconnaissance activity on the network


Description:

Reconnaissance is an important phase of an attack, where the attacker gathers information about the target system and network. This playbook aims to identify potential reconnaissance activity by analyzing Windows logs.

Assumptions:
The organization has a centralized logging system in place that captures Windows logs.

THREAT-HUNTING-PLAYBOOKS-FOR-MITRE-TACTICSDownload the complete report here !!!
Facebook
Twitter
LinkedIn
Pinterest
admin

admin

All Posts »

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Recommended Posts

The Threath Intelligence Handbook – Moving Toward a Security Intelligence Program by Zane Pokorny
The Threath Intelligence Handbook – Moving Toward a Security Intelligence Program by Zane Pokorny
ChatGPT Security Risks -A Guide for Cyber Security Professionals by Cybertalk.org
ChatGPT Security Risks -A Guide for Cyber Security Professionals by Cybertalk.org
National Initiative for Cybersecurity Education (NICE) – Cybersecurity Workforce Framework – NIST Special Publication 800-181
National Initiative for Cybersecurity Education (NICE) – Cybersecurity Workforce Framework – NIST Special Publication 800-181
DOSfuscation – Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques by FireEye
DOSfuscation – Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques by FireEye
Cybersecurity Resources and References Guide by U.S. Department of Defense
Cybersecurity Resources and References Guide by U.S. Department of Defense
Blueprint for Ransomware Defense – An Action Plan for Ransomware Mitigation , Response and Recovery for Small and Medium sized Enterprises (SMEs)
Blueprint for Ransomware Defense – An Action Plan for Ransomware Mitigation , Response and Recovery...
Attacked From Behind Application using RCE for Exploit Public-Facing Application case study
Attacked From Behind Application using RCE for Exploit Public-Facing Application case study
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA 2023 Edition
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA...
The Security Intelligence Handbook – How to Disrupt Adversaries and Reduce Risk with Security Intelligence – CYBEREDGE PRESS
The Security Intelligence Handbook – How to Disrupt Adversaries and Reduce Risk with Security Intelligence...
Building a SECURE Minimum Viable Protection (SMVP) Product or Service. Software Quality must include Cybersecurity by Design Principle. Marcos Jaimovich
Building a SECURE Minimum Viable Protection (SMVP) Product or Service. Software Quality must include Cybersecurity...