Welcome back to The Lost Bots! In this episode, we dive into one of our favorite topics: threat hunting. It's a subject we've talked about before, but this time, we're focusing on the practical side of getting your threat hunting efforts up and running.
Our hosts Stephen Davis, Lead D&R Sales Technical Advisor, and Jeffrey Gardner, Detection and Response Practice Advisor, give us the basics of what a threat hunting hypothesis is and what makes a good one. They talk about the importance of ensuring your hypothesis is both observable and testable. They also cover the differences between intelligence-driven, situational, and domain expertise hypotheses, and explain how to actually put these concepts into action when engaging in cyber threat hunting.
Check back with us on Wednesday, October 19, for our next installment of The Lost Bots!
Additional reading:
- [The Lost Bots] S02E03: Browser-in-Browser Attacks — Don't Get (Cat)-Phished
- [The Lost Bots] Season 2, Episode 1: SIEM Deployment in 10 Minutes
- [The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions
- The Empty SOC Shop: Where Has All the Talent Gone?
![[The Lost Bots] S02E04: Cyber's Most Dangerous Game — Threat Hunting](/_next/image/?url=https%3A%2F%2Fwww.rapid7.com%2Fcdn%2Fimages%2Fblt82cd5c06bb93678c%2F683ddbdc3e68ee73768897fa%2F-The-Lost-Bots--Episode-1--External-Threat-Intelligence.png&w=3840&q=75)