Threat hunting

Threat hunting: The proactive search for signs of malicious activity within a system or network that haven’t been detected by traditional security solutions. It involves using analytics and threat intelligence to identify abnormalities or indicators of compromise, helping to uncover stealthy, advanced threats that may have bypassed initial security defenses.

Threat Intelligence – External

Threat Intelligence – External: Data collected from outside the organization’s network about current or emerging threats. This could include information from industry forums, security news feeds, threat databases, or intelligence-sharing groups, offering insights into the broader threat landscape to enhance the organization’s defense strategy. By having outsider information on threats beyond simply what an organization […]

Threat Intelligence – Internal

Threat Intelligence – Internal: Information about potential risks that come from within an organization. This can include suspicious activities or behavior patterns of employees, contractors, or other individuals with access to the organization’s resources. Gathering and analyzing internal threat intelligence can help an organization to proactively detect and respond to insider threats, thereby reducing potential […]

Threat intelligence

Threat intelligence: Knowledge that allows organizations to understand the risks of cyber threats, such as adversaries, campaigns, incidents, and tactics, techniques, and procedures (TTPs). This intelligence can be used to prepare for, prevent, and identify potential cyber threats looking to take advantage of valuable resources.

Threat monitoring

Threat monitoring: The continual process of observing and tracking activities within a system or network to detect signs of cyber threats or breaches. This often involves the use of automated systems, such as intrusion detection systems (IDS) or security information and event management (SIEM) systems, which can detect anomalies or suspicious behavior and send alerts […]

Threat Vector

Threat Vector: A pathway or means by which a cyberattack is carried out. Threat vectors are the methods or routes taken by attackers to infiltrate systems, exploit vulnerabilities, and potentially cause damage. Common vectors include phishing emails, malicious websites, or compromised networks.