Threat Hunting
Dual Hunting
Threat Intelligence
Detailed Report
Threat Hunting
Intelligence-driven search for indicators of compromise. A more proactive approach, we sift through network traffic and endpoint data to discover any anomalies that may point to an existing breach that went unnoticed. Alert and behavior analysis and threat hunting allow us to answer the question, “Has the organization already been hacked?”
Our Process
Our team obtains data from the organization’s EDR agents, packet capture, and other data sources if requested. These are onboarded in our threat hunting platform.
Our team performs threat intelligence gathering that is relevant to the organization.
Our team executes queries against the data that the organization has provided and assesses if there are any signs of compromise.
Our team provides an initial and final report throughout the engagement in which recommendations are provided if there are any potentially harmful behavior observed.