Threat hunting is discussed as the R&D of detection engineering by guest James Williams. Topics include structured and iterative processes, turning findings into actionable alerts, collaboration in threat hunting teams, and exploring threat hunting skills and vulnerability discovery.
Threat hunting emphasizes innovative detection engineering, focusing on analytics and alerts for proactive security measures.
Structured processes and collaborative teams are crucial for effective threat hunting, ensuring productivity and diverse insights in security operations.
Deep dives
Understanding Threat Hunting in Cybersecurity
Threat hunting is explained as the advanced stage of detection engineering: it offers a more innovative focus on building analytics and alerts, going beyond stable, productized detections. It involves experimenting with ideas, looking for adversary behaviors in logs, and building new detections to enrich security operations. The emphasis is on creating actionable outcomes rather than performing hunts that produce no tangible results. Automated threat hunting is discussed as a scalable process that complements manual efforts, providing continuous monitoring and ongoing improvement of detections.
The Importance of Structured Threat Hunting Processes
The podcast stresses the significance of structured threat hunting processes to prevent aimless adventures into log data. It advocates for systematic approaches to threat hunting to ensure the activities are additive, iterative, and productive. By establishing guardrails in the form of structured processes, teams can avoid redundancy, ensure continuous improvement, and focus on yielding actionable outcomes.
Creativity and Curiosity as Core Skills for Threat Hunters
Creativity and curiosity are highlighted as essential skills for effective threat hunters. The episode emphasizes the value of creativity in solving problems and navigating the complexities of threat hunting. Curiosity is seen as a gateway to creativity, encouraging individuals to question, explore, and innovate in their approach to hunting threats. The importance of fostering a mindset that values creativity and curiosity is underscored to drive successful threat hunting endeavors.
Collaboration and Diversity in Threat Hunting Teams
Threat hunting is portrayed as a collaborative effort drawing on diverse skill sets and perspectives. The podcast advocates for assembling teams with varied backgrounds, including security, networking, and other disciplines, to enrich the threat hunting process. The inclusive approach to team composition aims to leverage a range of insights and expertise to enhance the effectiveness and creativity of threat hunting initiatives.
Have you ever noticed “threat hunting” in vendor products and wondered exactly what it means? James Williams is here to explain: Threat hunting is the R&D of detection engineering. A threat hunter imagines what an attacker might try and, critically, how that behavior would show up in the logs of a particular environment. Then the...
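The hunt-to-alert loop described in the "Understanding Threat Hunting" section and in the episode description above, as an added example that is not part of the episode or of any product: a hypothesis ("a source that fails against several accounts and then logs in") is tested against structured log events, and a confirmed finding is promoted into an alert record. The SSH log lines, the hostname, the IP addresses and the rule name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (not from the page). One source fails
# against several accounts and then succeeds; another is normal activity.
SAMPLE_LOGS = """\
Mar 10 09:01:02 host1 sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 09:01:05 host1 sshd[1002]: Failed password for invalid user test from 203.0.113.7 port 51023 ssh2
Mar 10 09:01:09 host1 sshd[1003]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar 10 09:01:13 host1 sshd[1004]: Failed password for deploy from 203.0.113.7 port 51025 ssh2
Mar 10 09:01:20 host1 sshd[1005]: Accepted password for deploy from 203.0.113.7 port 51026 ssh2
Mar 10 09:02:00 host1 sshd[1006]: Failed password for alice from 198.51.100.4 port 40000 ssh2
Mar 10 09:02:30 host1 sshd[1007]: Accepted publickey for alice from 198.51.100.4 port 40001 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d+\.\d+\.\d+\.\d+)"
)

def parse(logs):
    """Hunt step 1: turn raw log text into structured events (time order kept)."""
    return [m.groupdict() for m in (LINE_RE.search(l) for l in logs.splitlines()) if m]

def hunt_success_after_spray(events, min_failures=3):
    """Hunt step 2: test the hypothesis 'a source fails against at least
    min_failures distinct accounts, then logs in'. One finding per success."""
    failed_users = defaultdict(set)
    findings = []
    for e in events:
        if e["outcome"] == "Failed":
            failed_users[e["src"]].add(e["user"])
        elif len(failed_users[e["src"]]) >= min_failures:
            findings.append({"src": e["src"], "user": e["user"],
                             "failed_accounts": sorted(failed_users[e["src"]])})
    return findings

def to_alert(finding):
    """Hunt step 3: promote a confirmed finding into an actionable alert record
    that an automated detection can raise on the same logic going forward."""
    return {
        "rule": "ssh_success_after_password_spray",  # constructed rule name
        "severity": "high",
        "summary": f"{finding['src']} logged in as {finding['user']} after "
                   f"failing against {len(finding['failed_accounts'])} accounts",
    }

def run_hunt(logs=SAMPLE_LOGS):
    """Run the full loop; on the sample it yields one alert for 203.0.113.7."""
    return [to_alert(f) for f in hunt_success_after_spray(parse(logs))]
```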