Threat Hunting

-


 What is threat hunting?

When we examine this term we can see that it is hunting to uncover the threats in the information system. But we need to add something to describe it properly. We can describe it as we hunt for threats by imagining a hypothesis that there is a threat to our information system and based on that we conduct the hunting by using numerous techniques and tools. 


                                                                Figure 1 - threat hunting illustration


Why threat hunting?

We need to conduct these threat hunting activities regularly to uncover the possible security threats to our information system. Because there can be zero-day vulnerabilities also. After we have discovered any kind of threat, we need to inform them to the liable authorities who can take action and mitigate them. By following this procedure we can secure our information system and it is an important step for information security.


                                                    Figure 2 - threat hunting cycle


What is the threat hunting cycle?

This threat hunting is never ended and we need to conduct it regularly as this is a cyclic process. It begins with the hypothesis which describes there is a possible threat in our information system which we need to uncover. So, creating a hypothesis is the first step.

After having a hypothesis we need to discover and uncover what are these possible threats using different tools and techniques. We need to search for these threats by taking time and we have to continue until we get any clue about a threat. sometimes it can take more than one month to uncover a threat.

As a third step, we need to uncover new patterns and TTPs. It means we need to uncover new possible threats to our systems. Here we should be able to uncover the new threats as day by day they and their patterns will change. Here the TTP term describes as Terrorist, Tactics, Techniques, and procedures. The terrorists are the attackers or the person who can carry out the threats to our system. Tactics mean the behavior mechanisms the people use to carry out the threats to our information systems. Techniques and procedures can describe as the tools, procedures, and mechanisms use to make a possible threat to our information system.

After those previous phases, we need to create proper analytics and reports and analyze what are the weaknesses in our systems and what are the possible threats and what are patterns attacker use to carryout these threats.        

Comments

  1. ash_SanJune 19, 2021 at 12:33 AM

    πŸ₯°πŸ₯°πŸ₯°❤️πŸ€—

    ReplyDelete
  2. UnknownJune 19, 2021 at 1:06 AM

    Really Interesting wasu ♥️

    ReplyDelete
  3. UnknownJune 19, 2021 at 3:54 AM

    ❤️

    ReplyDelete
  4. VenushJune 20, 2021 at 1:48 AM

    Good one

    ReplyDelete
  5. UnknownJune 20, 2021 at 1:48 AM

    😊❤

    ReplyDelete
  6. UnknownJune 20, 2021 at 1:50 AM

    πŸ’–πŸ˜Ž

    ReplyDelete
  7. UnayaJune 20, 2021 at 1:51 AM

    Good 😍♥️

    ReplyDelete
  8. Sachin RishmaJune 20, 2021 at 1:52 AM

    ❤️πŸ™ŒπŸ»

    ReplyDelete
  9. Sachindu GimhanaJune 20, 2021 at 1:55 AM

    πŸ”₯

    ReplyDelete
  10. Sachindu GimhanaJune 20, 2021 at 1:55 AM

    This comment has been removed by the author.

    ReplyDelete
  11. Vihanga Bimsara YapaJune 20, 2021 at 2:04 AM

    Amazing work ayya😍

    ReplyDelete
  12. UnknownJune 20, 2021 at 2:07 AM

    🀩🀩🀩🀩very informative

    ReplyDelete
  13. UnknownJune 20, 2021 at 2:13 AM

    Good job

    ReplyDelete
  14. UnknownJune 20, 2021 at 2:16 AM

    Very important son πŸ‘

    ReplyDelete
  15. UnknownJune 20, 2021 at 2:26 AM

    Good job 🀩

    ReplyDelete
  16. yasasiJune 20, 2021 at 2:27 AM

    NiceπŸ”₯

    ReplyDelete
  17. UnknownJune 20, 2021 at 2:34 AM

    Great πŸ‘

    ReplyDelete
  18. UnknownJune 20, 2021 at 2:36 AM

    Well DoneπŸ₯‚πŸ‘πŸ»

    ReplyDelete
  19. HiruniJune 20, 2021 at 2:44 AM

    This comment has been removed by the author.

    ReplyDelete
  20. Sithiji AmarasenaJune 20, 2021 at 2:46 AM

    Good job πŸ‘

    ReplyDelete
  21. UnknownJune 20, 2021 at 2:49 AM

    Amazing work

    ReplyDelete
  22. YohanJune 20, 2021 at 3:03 AM

    Nice work ♥️ Very Informative

    ReplyDelete
  23. AkalankaJune 20, 2021 at 3:05 AM

    🀍

    ReplyDelete
  24. Udeesha InduwaraJune 20, 2021 at 3:14 AM

    Nice One

    ReplyDelete
  25. ThakshiJune 20, 2021 at 3:18 AM

    ♥️🀘🏻

    ReplyDelete
  26. MadusankaJune 20, 2021 at 3:57 AM

    Nice work keep it up πŸ”₯❤️

    ReplyDelete
  27. Anoma_RathnayakaJune 20, 2021 at 4:07 AM

    well done.. Keep it up... ❤️❤️

    ReplyDelete
  28. ChathuraJune 20, 2021 at 5:06 AM

    Superb brother πŸ”₯❤

    ReplyDelete
  29. UnknownJune 20, 2021 at 5:09 AM

    Great brother 😍

    ReplyDelete
  30. Ridma DahanayakeJune 20, 2021 at 5:24 AM

    nice work broπŸ‘πŸ»

    ReplyDelete
  31. Tharindu DilshanJune 20, 2021 at 6:21 AM

    Good job brother❤️‍πŸ”₯

    ReplyDelete
  32. AnonymousJune 20, 2021 at 6:26 AM

    ❤️πŸ”₯

    ReplyDelete
  33. UnknownJune 20, 2021 at 6:26 AM

    Great workπŸ₯³

    ReplyDelete
  34. UnknownJune 20, 2021 at 6:33 AM

    πŸ’

    ReplyDelete
  35. NaddaJune 20, 2021 at 6:45 AM

    wow ♥️

    ReplyDelete
  36. UnknownJune 20, 2021 at 6:57 AM

    Good job πŸ‘keep it up

    ReplyDelete
  37. UnknownJune 20, 2021 at 7:24 AM

    Good job...πŸ‘

    ReplyDelete
  38. UnknownJune 20, 2021 at 7:44 AM

    This comment has been removed by the author.

    ReplyDelete
  39. UnknownJune 20, 2021 at 7:45 AM

    GreatπŸ‘

    ReplyDelete
  40. UnknownJune 20, 2021 at 8:04 AM

    πŸ‘πŸ€❤

    ReplyDelete
  41. Charith Geethanjana June 20, 2021 at 8:09 AM

    This comment has been removed by the author.

    ReplyDelete
  42. Charith Geethanjana June 20, 2021 at 8:11 AM

    πŸ’ͺ❤️πŸ‘

    ReplyDelete
  43. JavinduJune 20, 2021 at 10:12 AM

    Best article I've ever seen regarding threat hunting. Thank you very much for knowledge sharing❤

    ReplyDelete
  44. UnknownJune 20, 2021 at 3:29 PM

    πŸ”₯

    ReplyDelete
  45. UnknownJune 20, 2021 at 7:59 PM

    Great work😍 keep it up

    ReplyDelete
  46. Chamindu nisankaJune 20, 2021 at 11:24 PM

    ❤❤❤

    ReplyDelete
  47. Tec TouchJune 21, 2021 at 3:35 AM

    Nice work with useful topic ❤

    ReplyDelete
  48. UnknownJune 23, 2021 at 11:04 AM

    ✌️♥️

    ReplyDelete

Post a Comment

Popular posts from this blog

Introduction to Cryptography

-
Image
What is cryptography A s human beings, we do not prefer to reveal our secret and private communication to outsiders. Because of that we usually send our letters inside an envelope to make sure that the contents of those letters should not disclose to unwanted people until the right persons get them. Likewise, we use the methodology of "cryptography" to ensure the secrecy of our data through online communication. This cryptography method ensures the basic features of secure data communication such as confidentiality, integrity, and authorization. Normally we define cryptography as the study and practice of hiding information from unauthorized persons. This ensures the confidentiality of data by restricting unauthorized persons to our data, ensure the integrity by using the hash functions which can detect whether our data was modified by someone or not, and it ensures authorization and non-repudiation. these are the benefits of cryptography. B efore centuries ago, people felt t
Read more

Ancient Cryptography

-
Image
I n the previous chapter, we discussed the introduction part of cryptography and we understand the eras of cryptography. Today we are going to learn about the ancient cryptography era . Greece T he “Scytale” is the first cryptographic method that we can find when we analyze history. It was used in Greece in about 500 B.C which was developed by Spartans to send and receive secret messages. It is a device like a cylinder. And a strip of parchment uses to write messages on it as wounds in parchment. Once we remove the parchment it becomes an unclear message which is difficult to understand. So, to receive the exact message we should have the same size cylinder. It is a method that is considered as a type of transposition cipher. The problem with this method is there should be the same size cylinder.                                         Figure 1 - Scytale Rome B ut we consider Caesar cipher as the well-organized oldest cryptographic method which has been used in Rome by the empire Juli
Read more

GDPR (General Data Protection Regulation)

-
Image
What is GDPR? G DPR stands for General Data Protection Regulation, which is a regulation established by the European parliament in April 2016. Under this regulation, it describes how companies need to secure the details of the European citizens' private sensitive data. The Information Commissioner's Office (ICO) will take control of the GDPR and he will conduct penalties for the companies who violate this regulation.       Why it is important? C ountries like England, France, and Germany consider the privacy of individuals a major concern. They always try to protect the privacy of everyone. So, to do that they have introduced regulations like GDPR. This personally identifiable information are very sensitive and not handling this data properly, leads them to face a different kind of problems. GDPR covers all the European Union countries like Austria, Germany, France, Ireland, Finland, Netherlands .. etc. This GDPR only covers the privacy of the European citizens, but not the res
Read more