Services
EtherLastDreamLabMedia Hub
About us

    • cyber threat hunting

      Threat hunting is becoming increasingly important as companies seek to stay ahead of the latest cyber threats and rapidly respond to any potential attacks. CyBourn leverages human and machine knowledge to contextualize business activities and organizational landscapes. Starting with a baseline profile, we assess posture and a series of attack motives. We turn this knowledge into actionable data that drives security operations and enhances incident response.

      Overview

      Our threat hunting methodology is designed to provide a common framework for our threat hunters to work and interact as part of the SOC ecosystem in order to provide targeted threat detection and effective, continuous improvement to our automated detection and response capabilities.

      Key Benefits

      integratedprocess
      Integrated process
      Integrated proactive threat hunting adapted to the SOC infrastructure and the EtherLast™ toolkit.
      soc-visibility
      Increased SOC visibility
      Immediate value to SOC detection rules through integration with the SOC process.
      intelligencedriven
      Intelligence driven
      Leveraged actionable cyber threat intelligence put into action to deliver the most value.
      threat-focused
      Threat focused
      Project-based exercises to evaluate critical assets based on the threat tactics and procedures as defined by MITRE ATT&CK.
      proactive
      Proactive investigative process
      Threat hunters are integrated into the SOC team as Tier 3 analysts and work in close proximity to the Tier 1 and Tier 2 extended detection and response teams.
      knowledgeable
      Knowledgeable
      Leveraged knowledge of the infrastructure from the core SOC XDR process in order to increase the effectiveness of the hunt.

      Our Process

      01

      (Threat) Model

      Assess the threat landscape, active actors, ongoing campaigns, and current events.

      • 0 day
      • Existing risks
      • Internal actors

      02

      SEARCH

      Define the hunt parameters and required data to reach objectives.

      • Define queries
      • Identify assets
      • Aggregate logs
      • Hunt for IoCs
      • Hunt for behavior

      03

      TRACK

      Information is structured and analyzed to form the pattern of an attack.
      Artifacts are tracked through the network-identifying artifacts and behavioral patterns consistent with an attack.

      04

      RESPOND
      • Contain
      • Remediate
      • Recover from the attack

      05

      IMPROVE

      Defining new automated alerts tailored by the threat hunting team. Efficiently detect specific attacks while they happen.

      crest-soc
      member-cyber-exchange
      ISO9001-blue
      ISO20000-orange
      ISO27001-purple

      For more information and a quote on our Threat Hunting service please contact us!

      Tell us about your Cybersecurity needs

      We are strategists, engineers, analysts, and governance experts embedded in the world’s biggest cyber missions and trusted to advance them. Let us help you today.