Threat hunting is becoming mainstream, and despite the attention it receives, many people need help to differentiate it from other roles, such as detection engineering. This confusion leads to endless discussions on places like Twitter and Reddit. I wrote this article to share my perspective on what makes threat hunting…

This post will demonstrate how threat emulation can be used for threat hunting. I often use threat emulation to understand the evidence an attack leaves behind upon execution. While there are many use cases for threat emulation, this post will focus on emulating attackers’ techniques to help with threat hunting…

In the previous posts of the series, I covered the basics of threat hunting and the core competencies a threat hunter should have. This post will show you the structural process I follow for threat hunting. Anyone who works solely as a threat hunter understands how chaotic the task can…

Continuing with the second post in this series, I felt it was necessary to address the skills and knowledge required to become a threat hunter before diving into the threat hunting process. …

In recent years, threat hunting has become an important component of information security programs. However, the definition of threat hunting remains a problem. Depending on who you ask, there are various interpretations of threat hunting and how it can be used. …

Disclaimer All the opinions and views discussed here are mine and do not necessarily represent the views of my employer. I am not an expert; I am just sharing my views on topics that interest me the most, and I’m open to other perspectives. I was never a fan of…

Introduction Unless you have planned and have set duties and responsibilities before an incident occurs, you may find yourself in despair trying to do everything at once. There are too many steps to follow, and it is inevitable to accidentally miss a step in the havoc of an on-going incident. In…

My name is Kostas, and I have been a Cyber Threat Intelligence analyst for over a year. I want to share my thoughts and experiences with anyone that is thinking of entering this field. …

Hey, welcome to my personal blog. I’m Kostas and I am a security researcher. My interests lie in #ThreatIntel, #malware,#IR & #Threat_Hunting. Opinions are mine only! If you don’t see me post here, I am likely too busy posting at http://thedfirreport.com/. Twitter: https://twitter.com/Kostastsale GitHub: tsale - Overview You can't perform that action at this time. You signed in with another tab or window. You signed out in another tab or…github.com