English | MP4 | AVC 1920×1080 | AAC 44KHz 2ch | 9h 20m | 1.30 GB
Follow the clues, track down the bad actors trying to access your systems, and uncover the chain of evidence left by even the most careful adversary.
Cyber Threat Hunting teaches you how to identify potential breaches of your security. Practical and easy-to-follow, it gives you a reliable and repeatable framework to see and stop attacks.
In Cyber Threat Hunting you will learn how to:
- Design and implement a cyber threat hunting framework
- Think like your adversaries
- Conduct threat hunting expeditions
- Streamline how you work with other cyber security teams
- Structure threat hunting expeditions without losing track of activities and clues
- Use statistics and machine learning techniques to hunt for threats
Organizations that actively seek out security intrusions reduce the time that bad actors spend on their sites, increase their cyber resilience, and build strong resistance to sophisticated covert threats. Cyber Threat Hunting teaches you to recognize attempts to access your systems by seeing the clues your adversaries leave behind. It lays out the path to becoming a successful cyber security threat hunter, guiding you from your very first expedition to hunting in complex cloud-native environments.
Right now, an intruder may be lurking in your network, silently mapping your infrastructure and siphoning off sensitive data. Can you spot the subtle signs? Cyber threat hunting is a security practice aimed at uncovering network and software threats that slip past monitoring and detection systems, and other reactive techniques. In this practical book, author Nadhem AlFardan uses real-world scenarios to help you think like a threat hunter and maximize the success of your expeditions.
Cyber Threat Hunting teaches you how to conduct structured expeditions using techniques that can detect even the most sophisticated cybersecurity challenges. You’ll begin by mastering the fundamentals: formulating a threat hypothesis, gathering intelligence, strategizing your approach, and executing your hunt. From there, you’ll explore advanced techniques, including machine learning and statistical analysis for anomaly detection. Using this book’s downloadable datasets and scenario templates, you’ll get the hands-on experience you need to refine your threat-hunting expertise.
What’s Inside
- A threat hunting framework and toolkit
- Think like an adversary
- Effective threat hunting operations
Table of Contents
1 Part 1. Threat-hunting fundamentals
2 Chapter 1. Introducing threat hunting
3 Chapter 1. Why hunt
4 Chapter 1. Structuring threat hunting
5 Chapter 1. Threat hunting vs. threat detecting
6 Chapter 1. The background of a threat hunter
7 Chapter 1. The threat-hunting process
8 Chapter 1. Overview of technologies and tools
9 Chapter 1. Summary
10 Chapter 2. Building the foundation of a threat-hunting practice
11 Chapter 2. Developing a threat-hunting hypothesis
12 Chapter 2. Cyber threat intelligence
13 Chapter 2. Security situational awareness
14 Chapter 2. Cognitive-bias challenges
15 Chapter 2. MITRE ATT&CK
16 Chapter 2. Frameworks
17 Chapter 2. Building maturity over time
18 Chapter 2. Exercises
19 Chapter 2. Summary
20 Part 2. Threat-hunting expeditions
21 Chapter 3. Your first threat-hunting expedition
22 Chapter 3. The threat-hunting process
23 Chapter 3. Microsoft Windows Sysmon events
24 Chapter 3. Exercises
25 Chapter 3. Answers to exercises
26 Chapter 3. Summary
27 Chapter 4. Threat intelligence for threat hunting
28 Chapter 4. The hunting expedition
29 Chapter 4. The threat-hunting process
30 Chapter 4. Exercises
31 Chapter 4. Answers to exercises
32 Chapter 4. Summary
33 Chapter 5. Hunting in clouds
34 Chapter 5. A short introduction to Kubernetes security
35 Chapter 5. Threat-hunting process
36 Chapter 5. Exercises
37 Chapter 5. Answers to exercises
38 Chapter 5. Summary
39 Part 3. Threat hunting using advanced analytics
40 Chapter 6. Using fundamental statistical constructs
41 Chapter 6. Exercises
42 Chapter 6. Answers to exercises
43 Chapter 6. Summary
44 Chapter 7. Tuning statistical logic
45 Chapter 7. Exercises
46 Chapter 7. Answers to exercises
47 Chapter 7. Summary
48 Chapter 8. Unsupervised machine learning with k-means
49 Chapter 8. K-means clustering
50 Chapter 8. Analyzing clusters of interest
51 Chapter 8. Silhouette analysis as an alternative to the elbow method
52 Chapter 8. K-means with k = 6
53 Chapter 8. Exercises
54 Chapter 8. Answers to exercises
55 Chapter 8. Summary
56 Chapter 9. Supervised machine learning with Random Forest and XGBoost
57 Chapter 9. Supervised machine learning
58 Chapter 9. Random Forest
59 Chapter 9. XGBoost
60 Chapter 9. Exercises
61 Chapter 9. Answers to exercises
62 Chapter 9. Summary
63 Chapter 10. Hunting with deception
64 Chapter 10. Hunting for an adversary on the run
65 Chapter 10. Deception platforms
66 Chapter 10. Exercises
67 Chapter 10. Answers to exercises
68 Chapter 10. Summary
69 Part 4. Operating a threat-hunting practice
70 Chapter 11. Responding to findings
71 Chapter 11. Exercises
72 Chapter 11. Answers to exercises
73 Chapter 11. Summary
74 Chapter 12. Measuring success
75 Chapter 12. The ask
76 Chapter 12. Threat-hunting metrics
77 Chapter 12. Scenario Uncovering a threat before an adversary executes it
78 Chapter 12. Reporting to stakeholders
79 Chapter 12. Summary
80 Chapter 13. Enabling the team
81 Chapter 13. Supporting threat hunters well-being
82 Chapter 13. Becoming a threat hunter
83 Chapter 13. Keeping threat hunters engaged
84 Chapter 13. Continuous learning and development
85 Chapter 13. Threat hunting in the age of artificial intelligence
86 Chapter 13. Summary
Resolve the captcha to access the links!