Follow the clues, track down the bad actors trying to access your systems, and uncover the chain of evidence left by even the most careful adversary. This practical guide to cyber threat hunting gives a reliable and repeatable framework to see and stop attacks.
In Cyber Threat Hunting you will learn how to:
Design and implement a cyber threat hunting framework
Think like your adversaries
Conduct threat hunting expeditions
Streamline how you work with other cyber security teams
Structure threat hunting expeditions without losing track of activities and clues
Use statistics and machine learning techniques to hunt for threats
Organizations that actively seek out security intrusions reduce the time that bad actors spend on their sites, increase their cyber resilience, and build strong resistance to sophisticated covert threats. Cyber Threat Hunting teaches you to recognize attempts to access your systems by seeing the clues your adversaries leave behind. It lays out the path to becoming a successful cyber security threat hunter, guiding you from your very first expedition to hunting in complex cloud-native environments.
about the technology
There’s no question about whether your security will come under attack. It already is. The real question is whether you’ll recognize and learn from the attacks when they occur. Cyber threat hunting makes the assumption that a system has been hacked and reveals the signs that have evaded detection tools, or been dismissed as unimportant. In the constantly evolving landscape of modern security, threat hunting is a vital practice to avoid complacency and harden your defenses against attack.
about the book
Cyber Threat Hunting teaches you how to identify potential breaches of your security. You’ll learn by exploring real-life scenarios drawn from author Nadhem AlFardan’s twenty years in information security. Beginning with the fundamentals, you’ll build a practical hunting framework and discover good practices for optimizing and improving expeditions. You’ll learn how to employ advanced techniques that draw on machine learning and statistical analysis to help spot anomalies. Best of all, this practical book comes with downloadable datasets and scenario templates so you can practice and hone your threat hunting techniques.
about the reader
For security, network, and systems professionals familiar with security tools and Python.
about the author
Dr. Nadhem AlFardan is a principal cyber security architect leading the security operation center practice for Cisco. Dr. AlFardan leads large security operations center programs for major organizations across several APAC, EMEA and the Americas. His role includes helping customers establish and enhance their cyber threat hunting practice.