Threat Hunting


Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).


What is the Next Generation Threat Hunting

The FBI recently reported that in 2019, cybercrime cost businesses $3.5 billion, a number they say is likely grossly underestimated. Another study from Accenture that spanned 11 countries across 16 industries found that the complexity of attacks is also increasing. As a result, the average cost of cybercrime for an organization grew from $1.4 million to $13.0 million.


How to Achieve Proactive Threat Hunting

Threat hunting practices are gaining much more importance as hackers and cyber threats focus on improving their stealth. As a result, it is essential for organizations to take a proactive stance on threat hunting. Continue reading to learn how you can manage that. What is threat hunting? Threat hunting is one of the fundamental cyber security practices. It aims to detect stealthy attacks and threats that go undetected by traditional security measures.


What is Threat Hunting?

If you are involved in cyber security processes, you must have heard the term threat hunting. In this article, we discuss this rather popular concept in detail. As one of the most talked-about concepts in cyber security, threat hunting has become increasingly popular, but what does it refer to? Do you need it? Should you be doing it? We will answer all these questions in detail.


Deloitte's Cyber Intelligence Centre adopts the Elastic Stack for cyber data lake and threat hunting

Much like our user community, Elastic’s partner community is always finding new and innovative ways to use the Elastic Stack. Over the last 18 months we’ve been working with the Deloitte Asia Pacific team on cybersecurity use cases for Elastic in their multitenant cloud-based Managed Security Service Provider (MSSP) platform.


Welcome Perched: Security Training for SIEM, Threat Hunting, and More

Today, we are excited to announce that Perched, a training and consulting company focused on security analytics, threat hunting and security operations, has joined forces with Elastic. The Perched team will give Elastic's users training and consulting services for building advanced cybersecurity solutions using the Elastic Stack, including practitioner-level expertise for deploying, managing, and operating Elastic SIEM and Elastic's proposed acquisition of Endgame.