The Foundations of Threat Hunting: Organize and design effective cyber threat hunts to meet business needs
Maurice, Chad, Thompson, Jeremy, Copeland, William
- 出版商: Packt Publishing
- 出版日期: 2022-06-17
- 售價: $1,740
- 貴賓價: 9.5 折 $1,653
- 語言: 英文
- 頁數: 246
- 裝訂: Quality Paper - also called trade paper
- ISBN: 180324299X
- ISBN-13: 9781803242996
-
相關分類:
GAN 生成對抗網絡
海外代購書籍(需單獨結帳)
相關主題
商品描述
Build and mature a threat hunting team capable of repeatably stalking and trapping advanced adversaries in the darkest parts of an enterprise
Key Features
- Learn foundational concepts for effective threat hunting teams in pursuit of cyber adversaries
- Recognize processes and requirements for executing and conducting a hunt
- Customize a defensive cyber framework needed to grow and mature a hunt team
Book Description
Threat hunting is a concept that takes traditional cyber defense and spins it onto its head. It moves the bar for network defenses beyond looking at the known threats and allows a team to pursue adversaries that are attacking in novel ways that have not previously been seen. To successfully track down and remove these advanced attackers, a solid understanding of the foundational concepts and requirements of the threat hunting framework is needed. Moreover, to confidently employ threat hunting in a business landscape, the same team will need to be able to customize that framework to fit a customer's particular use case.
This book breaks down the fundamental pieces of a threat hunting team, the stages of a hunt, and the process that needs to be followed through planning, execution, and recovery. It will take you through the process of threat hunting, starting from understanding cybersecurity basics through to the in-depth requirements of building a mature hunting capability. This is provided through written instructions as well as multiple story-driven scenarios that show the correct (and incorrect) way to effectively conduct a threat hunt.
By the end of this cyber threat hunting book, you'll be able to identify the processes of handicapping an immature cyber threat hunt team and systematically progress the hunting capabilities to maturity.
What you will learn
- Understand what is required to conduct a threat hunt
- Know everything your team needs to concentrate on for a successful hunt
- Discover why intelligence must be included in a threat hunt
- Recognize the phases of planning in order to prioritize efforts
- Balance the considerations concerning toolset selection and employment
- Achieve a mature team without wasting your resources
Who this book is for
This book is for anyone interested in learning how to organize and execute effective cyber threat hunts, establishing extra defense capabilities within their company, and wanting to mature an organization's cybersecurity posture. It will also be useful for anyone looking for a framework to help a hunt team grow and evolve.
目錄大綱
1. An Introduction to Threat Hunting
2. Requirements and Motivations
3. Team Construct
4. Communication Breakdown
5. Methodologies
6. Threat Intelligence
7. Planning
8. Defending the Defenders
9. Hardware and Toolsets
10. Data Analysis
11. Documentation
12. Deliverables
13. Post-Hunt Activity and Maturing A Team
14. Appendix