EP108 How to Hunt the Cloud: Lessons and Experiences from Years of Threat Hunting
Cloud Security Podcast by Google
00:00
Is Hunting Reactive Proactive?
The two are almost necessarily, if not cousins, siblings. Hunting is obviously reactive because you detect an attacker who is in your environment. What kind of logs should a threat hunter be looking at? So I would want to understand systems that are being spun up. And then the database having started off in my career and databases, being able to turn on the SQL audit or something like that can look at the actual queries that are happening.
Transcript
Play full episode
