Sqrrl Security Technologist Creates Open Source Threat Hunting Repository

The World’s First Collection of Cyber Threat Hunting Procedures

Today Sqrrl announced that David J. Bianco, Lead Security Technologist at Sqrrl, has created the world’s first open source repository of published threat hunting techniques. The repository, called “The ThreatHunting Project,” is a vendor-neutral project meant for beginner and experienced hunters alike.

“There are a lot of people who want to get started hunting for evil in their network, but don't know where to start. What should they hunt for? How do they perform the hunts? What data do they need to collect?” says Bianco. “On the other hand, there are a lot of individuals out there who have written blog posts or made conference presentations that detail some of their favorite hunting procedures. The problem is that they are scattered, and it’s sometimes hard to find what you need.”

To address this problem, Bianco created this repository of threat hunting procedures, best practices, and tips. The initial procedures in the repository cover topics such as detecting compromises of internet-facing services, detecting malware, and detecting lateral movement.

Each posted hunting technique includes an overview of the technique, what data the technique requires, and a link to the full technical documentation. Core contributors to the repository are David Bianco and other Sqrrl threat hunters, but other hunters are encouraged to submit techniques for inclusion with the goal of creating an open source community around threat hunting.

This open source hunting repository complements Sqrrl’s enterprise-grade threat hunting platform, which provides out-of-the-box machine learning analytics to detect and investigate kill chain behaviors of cyber adversaries. Security analysts can evaluate Sqrrl’s threat hunting platform for free by downloading the Sqrrl Test Drive VM.

About Sqrrl
Sqrrl is the security analytics company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading threat detection and response platform unites threat hunting, behavioral analytics, and incident investigation capabilities in an integrated solution. Sqrrl’s unique platform approach enables security analysts to discover threats faster and reduces the time and resources required to investigate them. Learn more at http://sqrrl.com.

Contact Author

Ely Kahn