The Sources for Hunts and How to Prioritise
When threat hunting, choosing the right source for your hunt hypotheses matters: it focuses effort on the hunts most relevant to your organisation.
A comprehensive cheat sheet for Kusto Query Language (KQL) to help with threat hunting and security analytics in Azure Sentinel and other Microsoft products.

Learn how to integrate the Event Query Language (EQL) from Endgame into your own Python tooling for threat hunting and detection engineering.

Learn how DeTT&CT helps blue teams map data sources, visibility, and detection coverage to MITRE ATT&CK for improved cyber defence.

TaHiTI (Targeted Hunting integrating Threat Intelligence) is a threat hunting methodology developed in collaboration with Dutch financial institutions.

Part 3 of the OPSEC for Blue Teams series, covering sandboxes, secure communications, and information sharing when dealing with targeted attacks.