Tag: ThreatIntelligence

What Is Data Exfiltration? MITRE ATT&CK® Exfiltration Tactic | TA0010

The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CK® has dedicated an entire tactic to illegal copying, downloading, and transferring of organizations’ internal data with significant levels of sensitivity. Data exfiltration examples can be quite obvious, like copying files to a thumb drive; and quite stealthy, like DNS […]

Read More
What Is the MITRE ATT&CK® Framework? Getting Started with ATT&CK

MITRE ATT&CK® is a framework for threat-informed cybersecurity defense and public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]

Read More
What Is Malware? Malware Types to Watch Out For

Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a user’s system or in any other way hazardous for targeted individuals and enterprises.  Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]

Read More
malware analysis picture
What is Malware Analysis?

Lots of children break things not because they are little evil creatures but because they are curious about “how it’s made.” Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.  Malware analysis is the process of studying a malware sample to understand what […]

Read More
threat hunting engineers looking at the screens
What is Cyber Threat Hunting? The Ultimate Guide

Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]

Read More
Threat Hunting Maturity Model
Threat Hunting Maturity Model Explained With Examples

In our series of guides on Threat Hunting Basics, we’ve already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]

Read More
cyber network visualization
Threat Hunting Training, Certification, and Online Learning

How to become a Threat Hunter? This question is extremely popular in the cybersecurity community. The next important question is how to advance your Threat Hunting career. In both cases, obtaining professional certifications is the best answer. Whether you’re a beginner or an accomplished specialist, continuous learning is what helps you become the best version […]

Read More
finger pointing at a tablet device with signs of security around
Threat Hunting Tools: Our Recommendations

A good threat hunt is unthinkable without useful pieces of software that help to navigate enormous pools of data. How can you tell the difference between good, bad, and benign? Analyzing all the intelligence, logs, history, and research data with one pair of eyes (even multiplied by many human Threat Hunters) would have taken years. […]

Read More
Threat Hunting Basics
Threat Hunting Techniques, Tactics, and Methodologies: Your Step-by-Step Introduction

We could start this article with a bold statement saying that Threat Hunting is easier than you think, and by reading our blog post, you will instantly become a pro. Unfortunately or luckily, that’s not the case. However, we understand that starting out as a Cyber Threat Hunter is tough. That’s why we are introducing […]

Read More
SOC Prime Now Supports OpenCTI Integration

To enhance global collaborative cyber defense by enabling Detection as Code practices, SOC Prime continuously broadens the support for open-source cybersecurity solutions. We are thrilled to announce a new integration with OpenCTI, an open-source modular Cyber Threat Intelligence platform that aggregates and visualizes information on cyber threats. Through contribution to this CTI platform, SOC Prime […]

Read More