Tag: Threatintel

Threat Hunting Maturity Model
Threat Hunting Maturity Model Explained With Examples

In our series of guides on Threat Hunting Basics, we’ve already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]

Read More
Threat Hunting Basics
Threat Hunting Techniques, Tactics, and Methodologies: Your Step-by-Step Introduction

We could start this article with a bold statement saying that Threat Hunting is easier than you think, and by reading our blog post, you will instantly become a pro. Unfortunately or luckily, that’s not the case. However, we understand that starting out as a Cyber Threat Hunter is tough. That’s why we are introducing […]

Read More
Deliver TI feeds into ArcSight without false positive triggers

Every ArcSight user or administrator is faced with false positive rule triggers while delivering threat intelligence feed into ArcSight. This mostly happens when threat intel source events are not excluded from rule condition or connector tries to resolve all IP addresses and host names that are processed.

Read More