threat-hunting

Sep 04
Citrix Netscaler CVE-2023-3519 Hunt Mission Plan
The Prelude. Hello everyone, it would seem that time has gone quite fast and my temporal abilities to navigate the
10 min read
Jan 08
The Threat Hunting Shift. Part 3: Adversarial Framework for Tactical Cyber Defense Operations I
Active Defence Adversarial Cyber Operations Framework, or ADACOP, is a framework for sense-making and understanding the relationships between the different domains of active defence. ADACOP describes four tactical domains, namely: Design, Discover, Disrupt and Defend.
17 min read
Oct 20
The Threat Hunting Shift. Part 2: The Way of the Intercepting Fist II
We discuss Active Defense, moving beyond a passive approach to detection. How can we intentionally shape threat actor behavior via Controlled Attack Paths and Cyber Deception? Defenders inadvertently influence attackers by the way they configure layered defenses, impacting attack preferences.
10 min read
Oct 09
The Threat Hunting Shift. Part 1: The Way of the Intercepting Fist I
While Threat Hunting is commonly seen as proactive threat detection, we propose a broader approach through the lens of Active Defense. This involves intercepting and disrupting adversaries with the goal of actively shaping attacker behavior rather than relying solely on detection.
8 min read
Jul 10
Breaking the habit of talking about 'unknown unknowns' like you know what it means. Part 3.
Rumsfeld's simple knowledge matrix lacks the dimension of time. The article suggests an enhanced model, accounting for time and awareness in understanding knowledge dimensions. This new approach redefines knowns, unknowns, and predictability, aiding threat detection complexity.
4 min read
Jul 08
Breaking the habit of talking about 'unknown unknowns' like you know what it means. Part 2.
Rumsfeld's simple knowledge matrix lacks the dimension of time. The article suggests an enhanced model, accounting for time and awareness in understanding knowledge dimensions. This new approach redefines knowns, unknowns, and predictability, aiding threat detection complexity.
7 min read
Jul 07
Breaking the habit of talking about 'unknown unknowns' like you know what it means. Part 1.
Rumsfeld's simple knowledge matrix lacks the dimension of time. The article suggests an enhanced model, accounting for time and awareness in understanding knowledge dimensions. This new approach redefines knowns, unknowns, and predictability, aiding threat detection complexity.
5 min read