The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CKĀ® has dedicated an entire tactic to illegal copying, downloading, and transferring of organizationsā internal data with significant levels of sensitivity. Data exfiltration examples can be quite obvious, like copying files to a thumb drive; and quite stealthy, like DNS […]
MITRE ATT&CKĀ® is a framework for threat-informed cybersecurity defense and public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]
Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a userās system or in any other way hazardous for targeted individuals and enterprises.Ā Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]
Lots of children break things not because they are little evil creatures but because they are curious about āhow itās made.ā Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.Ā Malware analysis is the process of studying a malware sample to understand what […]
Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]
In our series of guides on Threat Hunting Basics, weāve already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]
How to become a Threat Hunter? This question is extremely popular in the cybersecurity community. The next important question is how to advance your Threat Hunting career. In both cases, obtaining professional certifications is the best answer. Whether youāre a beginner or an accomplished specialist, continuous learning is what helps you become the best version […]
A good threat hunt is unthinkable without useful pieces of software that help to navigate enormous pools of data. How can you tell the difference between good, bad, and benign? Analyzing all the intelligence, logs, history, and research data with one pair of eyes (even multiplied by many human Threat Hunters) would have taken years. […]
We could start this article with a bold statement saying that Threat Hunting is easier than you think, and by reading our blog post, you will instantly become a pro. Unfortunately or luckily, thatās not the case. However, we understand that starting out as a Cyber Threat Hunter is tough. Thatās why we are introducing […]
To enhance global collaborative cyber defense by enabling Detection as Code practices, SOC Prime continuously broadens the support for open-source cybersecurity solutions. We are thrilled to announce a new integration with OpenCTI, an open-source modular Cyber Threat Intelligence platform that aggregates and visualizes information on cyber threats. Through contribution to this CTI platform, SOC Prime […]