Chad Maurice - The Foundations of Threat Hunting: Organize and design effective cyber threat hunts to meet business needs


  • Book:
    The Foundations of Threat Hunting: Organize and design effective cyber threat hunts to meet business needs
  • Authors:
    Chad Maurice, Jeremy Thompson, William Copeland
  • Publisher:
    Packt Publishing
  • Year:
    2022


Build and mature a threat hunting team capable of repeatably stalking and trapping advanced adversaries in the darkest parts of an enterprise

Key Features
  • Learn foundational concepts for effective threat hunting teams in pursuit of cyber adversaries
  • Recognize processes and requirements for executing and conducting a hunt
  • Customize a defensive cyber framework needed to grow and mature a hunt team
Book Description

Threat hunting is a concept that takes traditional cyber defense and turns it on its head. It moves the bar for network defenses beyond looking only at known threats and allows a team to pursue adversaries that are attacking in novel ways that have not previously been seen. To successfully track down and remove these advanced attackers, a solid understanding of the foundational concepts and requirements of the threat hunting framework is needed. Moreover, to confidently employ threat hunting in a business landscape, the same team will need to be able to customize that framework to fit a customer's particular use case.

This book breaks down the fundamental pieces of a threat hunting team, the stages of a hunt, and the process that needs to be followed through planning, execution, and recovery. It will take you through the process of threat hunting, starting from understanding cybersecurity basics through to the in-depth requirements of building a mature hunting capability. This is provided through written instructions as well as multiple story-driven scenarios that show the correct (and incorrect) way to effectively conduct a threat hunt.

By the end of this cyber threat hunting book, you'll be able to identify the processes that handicap an immature cyber threat hunt team and systematically progress its hunting capabilities to maturity.

What you will learn
  • Understand what is required to conduct a threat hunt
  • Know everything your team needs to concentrate on for a successful hunt
  • Discover why intelligence must be included in a threat hunt
  • Recognize the phases of planning in order to prioritize efforts
  • Balance the considerations concerning toolset selection and employment
  • Achieve a mature team without wasting your resources
Who this book is for

This book is for anyone interested in learning how to organize and execute effective cyber threat hunts, establishing extra defense capabilities within their company, and wanting to mature an organization's cybersecurity posture. It will also be useful for anyone looking for a framework to help a hunt team grow and evolve.

Table of Contents
  1. An Introduction to Threat Hunting
  2. Requirements and Motivations
  3. Team Construct
  4. Communication Breakdown
  5. Methodologies
  6. Threat Intelligence
  7. Planning
  8. Defending the Defenders
  9. Hardware and Toolsets
  10. Data Analysis
  11. Documentation
  12. Deliverables
  13. Post-Hunt Activity and Maturing a Team
  14. Appendix

The Foundations of Threat Hunting

Organize and design effective cyber threat hunts to meet business needs

Chad Maurice

Jeremy Thompson

William Copeland

BIRMINGHAM - MUMBAI

The Foundations of Threat Hunting

Copyright 2022 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author(s), nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Vijin Boricha

Publishing Product Manager: Shrilekha Malpani

Senior Editor: Arun Nadar

Content Development Editor: Sujata Tripathi

Technical Editor: Shruthi Shetty

Copy Editor: Safis Editing

Project Coordinator: Shagun Saini

Proofreader: Safis Editing

Indexer: Tejal Daruwale Soni

Production Designer: Vijay Kamble

Marketing Coordinator: Hemangi Lotlikar

First published: June 2022

Production reference: 1130522

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-80324-299-6

www.packt.com

To my wife and children, thank you for all of the love and support over the years. You give everything meaning and have made this journey possible.

Chad Maurice

To my wife and family, thanks for the love and patience over the years and the extra support during the writing of this book. For all the Airmen I served with, thanks for helping me get to where I am today. Aim high!

Jeremy Thompson

For my wife and friends, who have continued to support me through all of life's ups and downs.

William Copeland

Foreword

I have known William Copeland, Chad Maurice, and Jeremy Thompson for a combined 20 years. Each one of them is an information security professional who has continued to push evolution onto the organizations they have been a part of. They are not only technically proficient analysts but also knowledgeable leaders who understand how to balance an organization's operational requirements with their security needs in order to minimize exposure to emerging threats while maximizing effectiveness in the business landscape. Each one of these authors has led security teams in the pursuit of securing and hunting across multimillion-dollar networks while continuing to evolve their strategies to defend these networks from some of the most advanced malicious actors in the world.

Over the last 10 years, there has been a growing shift in Security Operations Centers (SOCs) to move beyond their past mindsets. These SOCs were initially built to simply respond to alerts and potentially "find bad" while it was happening or had already happened on a network. This reactive approach leaves a company and its network catching the problem too late and thereby just finding the data breach and subsequent exfiltration of data months to years after it has already left the network. For this reason, SOCs have taken a more proactive approach, hiring penetration testers to find holes in their network defense before a malicious actor does, while also performing threat hunts to find out where those same actors have already slipped past defenses.

You may be wondering, what is a hunt? How does a team perform this task? Where is a good place to start? If you asked any of these questions, or maybe you are just looking for a different perspective on how to conduct a hunt on your network, The Foundations of Threat Hunting is for you. This book helps you to understand how to put a team together, how to plan a hunt (a very crucial step), and how to use the data your SOC is collecting in order to assist the hunt.

Additionally, this book will help you understand threat intelligence and how to use it to improve your hunt. As a person who has performed several hunts, I cannot overstate the assistance that finding and utilizing threat intelligence properly can be to your hunt.

In The Foundations of Threat Hunting, you are being given over 30 years of combined knowledge and perspective on threat hunting and cybersecurity. This information is provided to you in an understandable and relatable way. Using instruction and stories to help bridge knowledge and application, you will understand threat hunting and be able to execute an effective hunt on your network.

Evolve your SOC into a proactive phase and begin threat hunting with The Foundations of Threat Hunting.

Anthony Particini

Threat Hunt Lead and Instructor (GCIH, GCFA)

Contributors
About the authors

Chad Maurice is a life-long cybersecurity enthusiast with a background in both offensive and defensive teams. He has led Red Teams in physical and network security assessments as well as overseen planning and daily management for numerous incident response and threat hunting teams that provided defenses for enterprise networks spanning the globe.

He earned a master's degree in information systems security/information assurance from Capella University in 2011. Additionally, Chad has achieved an array of industry certifications ranging from OSCP to CISSP. Currently, he is an engineer at a Fortune 100 company, enhancing defensive capabilities for all of their business assets.

Jeremy Thompson is a tenacious leader and technical expert who has dedicated the last two decades of his life to the profession of cybersecurity. His background includes broad experience from managing infrastructure in support of a large-scale network to directing operations for an organization conducting threat hunts on IT and OT networks around the globe.

He earned a master's degree in information systems management from the University of Nebraska at Omaha in 2014. Additionally, Jeremy has achieved the following certifications: CCNA Cyber Operations, GSEC, GCFA, GDAT, GFNA, and CISSP. Currently, he is an incident response and operations manager for CyberDefenses Inc out of Austin, TX.

William Copeland is a renowned leader and technician within the cyber defense community. He has endeavored, over the last two decades, to clear the path for the operators under his leadership to become more efficient and effective cyber defenders.

He earned a bachelor's degree in information technology from Western Governors University in 2018. Additionally, William has the following certifications: Security+, Linux+, Project+, Network+, GCFA, GPEN, GNFA, GREM, GDAT, GCDA, GSEC, GCIA, GCIH, SSAP, GCFE, and GCTI. Currently, he is a senior leader within a cyber hunting organization, providing planning, coordination, integration, and execution of defensive teams that track and eradicate adversaries on customer networks.
