Threat Hunting Tutorial - Day 1

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.

After sneaking in, an attacker can stealthily remain in a network for months as they quietly collect data, look for confidential material, or obtain login credentials that will allow them to move laterally across the environment.

Once an adversary is successful in evading detection and an attack has penetrated an organization’s defenses, many organizations lack the advanced detection capabilities needed to stop the advanced persistent threats from remaining in the network. That’s why threat hunting is an essential component of any defense strategy.

Today is Day 1 of the Threat Hunting Tutorial, and we will cover:
1. Threat Hunting Maturity Model
2. Threat Hunting Loop
3. Pyramid of Pain

We will also show a practical demo of how you can perform a Retro-Hunt using YARA in VirusTotal.

🔗Related Episodes-
-------------------------------------------------------------------------------------------------------------------------

WATCH the playlists BELOW as well if you want to build your career in DFIR and Security Operations!!
-------------------------------------------------------------------------------------------------------------------------


Timelines
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Introduction
1:08 ⏩ Threat Hunt Maturity Model
12:16 ⏩ Threat Hunting Loop
20:15 ⏩ Pyramid of Pain
25:27 ⏩ Retro Hunt for Lapsus
35:16 ⏩ Summary

📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ Twitter: @blackperl_dfir

SUPPORT BLACKPERL
-------------------------------------------------------------------------------------------------------------------------
╔═╦╗╔╦╗╔═╦═╦╦╦╦╗╔═╗
║╚╣║║║╚╣╚╣╔╣╔╣║╚╣═╣
╠╗║╚╝║║╠╗║╚╣║║║║║═╣
╚═╩══╩═╩═╩═╩╝╚╩═╩═╝
➡️ SUBSCRIBE, Share, Like, Comment

-------------------------------------------------------------------------------------------------------------------------
🙏 Thanks for watching!! Be CyberAware!! 🤞
Comments

Seriously... thank you. I am currently applying to a threat hunting position that I do not directly have experience. I have done this, but more from another perspective of another team working hand in hand. I really appreciate this.

patco

Wow!! Finally!! Thanks for starting this.. All the best.

anishdash

Thanks Archan for the quality content. Yes, I am interested in the paid membership; do let us know the details soon.

fam-jam

Very impressive content my friend! Please keep up the good work!

xrZt

Thank you so much Archan for amazing knowledge. I am also trying to apply in Amazon for Cyber Security roles.

ritwickdadhich

Hi @blackPerl, could you please share the mapping chart and guide us with more details on how to map a threat group into the MITRE ATT&CK framework?

sameerpoonia

Hi Archan... Thanks for this informative video. I have some experience in threat and vulnerability management but I am very new to threat hunting and am eagerly looking to learn this technology. Could you please help me with where I can begin from the first step?

NitinKumar-jppv

I can't seem to access Intelligence in VirusTotal; do I need a corporate license? Are you using a corporate license for this demo, or did you purchase your own? Thanks.

fwrt

Hi Archan,

Is it possible to share the YARA rule you have prepared?

ranasec

Hi Sir, can you share the Lapsus TTPs which you have created on VirusTotal as a YARA rule?

cyberwarriorall

Sir, what are the prerequisites to start this course? I am a CSE 2nd year student and want to be in red teaming after BTech...?

geeth

I have a question. I'm a SOC analyst in a small company that recently just built up their SOC from scratch. I'm spending 90% of my time doing reporting, and the rest can be investigation and response. Is this the normal proportion? I'm expecting to do only 40% reporting and the rest will be other stuff.

syahmij

Hi, I am a big fan of your videos; appreciate your effort in this community.
Regarding the YARA rules you mentioned in the video, could you please share the files? (I have sent you a request on LinkedIn and it is still not accepted.)

shabeeb

So you run the YARA rules with some hash you gathered from TI in VirusTotal, and VirusTotal gives more hashes back? I am not able to get that part; can you please explain what is happening there?

praveenadithya

Bhaiya, what can be a good cyber security project to mention in your CV?

learnlinux

Hi #BlackPerl, thanks for thinking about creating this series. I request you to please complete this series at your earliest convenience; you are the only hope for us. Thank you once again. #Bestofluck

yashgoldsmith

Mr. Archan, could you please make your videos in Hindi? The reason being that some of the things you say while explaining don't make any sense, or maybe I am not able to understand. I feel if you make the videos in Hindi then many of your viewers will comprehend better... I totally respect and adore your work. Thanks for what you are doing. But if you could make these videos in Hindi it would be more beneficial and would reach your wider audience. 👍

kevinhart