Subject: Descriptive Language for Cyber Threat Hunting
Mike, Duncan, Dave & All:
During our last meeting Toby suggested that we develop some
descriptive language about what Cyber Threat Hunting best
practices would be. This is a follow-on to the Repo just
opened for an Actuator Profile for Cyber Threat Hunting.
I took the action item of
doing a first cut based on the event-based CTI we conduct
during Sports-ISAO pop-up SOCs.
Importantly, in the sports
domain, we have to hunt on both technical telemetry and social
media disseminated influence operations threats. Therefore,
our methodology uses what we call 'Deep Source Checking' to
triangulate on threats as they emerge with close collaboration
between the two different teams.
See attached draft language. I
tried to keep it concise.
-- ********************************** R. Jane Ginn, MSIA, MRP OASIS, TAC TC Secretary jg@ctin.us **********************************
Attachment:
Potential Text for an Introduction to Cyber Threat Hunting.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document