Threat hunting is a critical cybersecurity activity that is growing in importance and prevalence around the globe. Are your SOC analysts developing the skills and toolsets they need to enable more efficient and effective threat hunting? What are the inhibitors your teams face and do you have the right tools and processes in place?
In this episode of the Endace Packet Forensic files, Michael Morris talks with Chris Greer of Packet Pioneer.
Chris is an experienced protocol analyst and forensics expert. He is a renowned instructor for Wireshark University as well as the host of a popular YouTube channel where he shares insights into threat hunting and demonstrates the importance of understanding how to investigate and resolve issues using packet analysis. In this episode, Chris talks about some of the problems or threats you can only see as part of your incident response investigation processes and workflows if you have access to full packet data.
Finally, Chris highlights some of the gaps that organizations have in their security stacks that make it hard for them to confirm or deny false positives and how to resolve this visibility issue. He offers recommendations for training and suggests how to improve your organization’s threat-hunting capability.