Part 1 sets the stage for your threat-hunting journey by introducing essential concepts of a successful threat-hunting practice.
Chapter 1 explores the fundamentals of threat hunting: what it is, why it is an essential part of any cybersecurity program, and how it differs from other cyberdefense capabilities. In the process, you’ll discover the importance of being proactive by hunting for threats before they translate into what could be significant cybersecurity incidents.
In chapter 2, the focus shifts to laying the foundation of a robust threat-hunting framework. Here, you’ll learn to build an environment that supports threat hunting, including the tools, data sources, and processes necessary for success. We’ll explore critical elements such as data, visibility, and reliable and scalable data stores.
By the end of this part, you’ll have gained a solid understanding of what threat hunting entails and of the foundational tools and processes required to embark on your first hunting expedition, bringing you one step closer to becoming a proficient threat hunter.