PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
December 2018, Vol. 20, No. 6

Threat hunting techniques move beyond the SOC

When James Mercer decided to hunt for potential adversaries targeting his company's data centers, the CIO of Flexi-Van Leasing Inc. looked at ways that attackers infiltrated other commercial and industrial equipment companies and searched for signs of similar attacks. "We found a malbehaving SQL server environment by looking through the various possible threats and approaches," Mercer said. "First, there was a panic -- Oh my god, we were seeing login information -- but then we discovered it had been misconfigured by someone many years ago." Although the hunt did not reveal an actual attack, the process convinced Mercer that using threat hunting techniques is a valuable exercise. "An ounce of prevention -- that's the great value of threat hunting," he said. "It is not about whether you find something or not, but whether you find a pathway that could have been exploited." For that reason, the 250-person firm, headquartered in Kenilworth, N.J., has become more invested in threat hunting techniques. It's an advanced capability ...

Features in this issue

News in this issue

Columns in this issue

Enterprise Desktop
Cloud Computing