Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Featured Post
ThreatQuotient

Why Every Company Should Include Threat Intelligence in Their Cybersecurity Strategy

Sep 29, 2023 By Chris Jacob, Global VP of Threat Intelligence Engineering In ThreatQuotient
In the fast-evolving digital landscape, the prevalence of cyber threats has become a stark reality for businesses and individuals. While essential, conventional cybersecurity measures are often reactive and inadequate against sophisticated attacks. This is where Cyber Threat Intelligence (CTI) emerges as a proactive and complementary approach to cybersecurity. Utilising CTI helps organisations to protect their systems from potential hazards. It provides a way to cut through the noise and focus on threats relevant to that specific company and industry.
Read Post
graylog

Next-Level Threat Hunting: Shift Your SIEM from Reactive to Proactive

Sep 28, 2023 By The Graylog Team In Graylog
Threat hunting is proactively identifying and thwarting unusual network activity that could indicate an attempted security breach. It’s a historically manual activity, making it time-intensive and arduous. It’s no wonder, then, why most organizations don’t have the time, budget, or resources to undertake it effectively…if at all.
Read Post
splunk

Using metadata & tstats for Threat Hunting

Sep 18, 2023 By Tamara Chacon In Splunk
So you want to hunt, eh? Well my young padwa…hold on. As a Splunk Jedi once told me, you have to first go slow to go fast. What do I mean by that? Well, if you rush into threat hunting and start slinging SPL indiscriminately, you risk creating gaps in your investigation. What gaps might those be? As a wise man once said, Know thy network. Actually — in this case — know your network and hosts.
Read Post
splunk

Using stats, eventstats & streamstats for Threat Hunting...Stat!

Sep 18, 2023 By Tamara Chacon In Splunk
If you have spent any time searching in Splunk, you have likely done at least one search using the stats command. I won’t belabor the point: stats is a crucial capability in the context of threat hunting — it would be a crime to not talk about it in this series. When focusing on data sets of interest, it's very easy to use the stats command to perform calculations on any of the returned field values to derive additional information.
Read Post
splunk

Key Threat Hunting Deliverables with PEAK

Aug 25, 2023 By Sydney Marrone In Splunk
When most people think of threat hunting, they think of uncovering unknown threats. Would you believe me if I told you that is only ONE of many (better) reasons to show value with threat hunting? The PEAK Threat Hunting Framework incorporates three distinct hunt types: hypothesis-driven, baseline and model-assisted threat hunts. Each hunt type follows a three-stage process: Prepare, Execute, and Act.
Read Post
CrowdStrike

Amid Sharp Increase in Identity-Based Attacks, CrowdStrike Unveils New Threat Hunting Capability

Aug 24, 2023 By Counter Adversary Operations In CrowdStrike

Adversaries are doubling down on identity-based attacks. According to Nowhere to Hide: CrowdStrike 2023 Threat Hunting Report, we’ve seen an alarming 583% year-over-year increase in Kerberoasting attacks — a form of identity-based threat — and a 147% increase in access broker advertisements on the dark web. Adversaries are evolving their tradecraft, building custom tooling and leveraging more than usernames and passwords to breach your environments.

Read Post
sumologic

Threat hunting with Sumo Logic: The Command Line

Aug 17, 2023 By Anton Ovrutsky In Sumo Logic
Consider the following scenario: you are asked by your leadership to find dedicated time for threat hunting activities within your network. After some time, access to the shiny new tool of choice is granted and you are super excited to get started. You log into the tool and are greeted with a lovely search bar; how do you proceed from here? The tool presenting the blank search bar is undoubtedly powerful and feature packed.
Read Post
splunk

Using Splunk Stream for Hunting: Finding Islands in the Stream (of Data)

Aug 17, 2023 By Tamara Chacon In Splunk
Today, we are going to look at using the Splunk Stream App to hunt for threats across your network. Sing along with us! 🎼 “Islands in the stream” of our data… (Part of our Threat Hunting with Splunk series, this article was originally written by John Stoner. We’ve updated it recently to maximize your value.)
Read Post
splunk

Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)

Aug 2, 2023 By Ryan Kovar In Splunk
A wise person once said that you should use the lookup command before you go threat hunting. Or, as I hear it in my head, “Look it up before you go-go…hunting”, a la WHAM!:   In this must-read tutorial for hunting in Splunk, we’re looking at the lookup command, including what it does and how and where to use it for threat hunting. Let’s get started! (This article is part of our Threat Hunting with Splunk series. We’ve updated it recently to maximize your value.)
Read Post
ThreatQuotient

Using Threat Hunting to Uncover Cybersecurity Threats

Aug 1, 2023 By Guest Blog In ThreatQuotient

In the fast-evolving digital landscape, the prevalence of cyber threats has become a stark reality for businesses and individuals alike. The conventional cybersecurity measures, while essential, are often reactive and inadequate against sophisticated attacks. This is where Threat Hunting emerges as a proactive and dynamic approach to cybersecurity. In this blog, we delve into the fascinating world of Threat Hunting and explore its significance in safeguarding against cyber adversaries.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.