Anomalous process relationships -- commands that don’t belong together -- might indicate a problem within your environment. Here’s how to spot ‘em.
How do you decide which tech to use to carry out your hunt? This post’s got some pro tips for when and how to use different technology for your threat hunting mission.
Use the hunting process to find attackers performing reconnaissance in your system, through actions that most users don’t typically do.
We want to demystify what hunting is and what it’s not. So here goes nothin’ ...