The best cyber threat hunting guides and sources

Whether you are new to cyber threat hunting or an experienced hunter, we have the right papers for you. In this overview, we have listed the best cyber threat hunting guides that are free for you to read.

Cyber Threat Hunting guides and sources

SANS is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training and selling certifications. On their website, they have published 20+ cyber threat hunting guides, so it is certainly worth a look.

Threat hunting communities provide guides and sources

Then there is otx.alienvault.com. This community focuses on sharing cyber threat information, which means it is the perfect place to find relevant papers and guides. Personally, I love to use the Alienvault pulses and the search option that is provided; best of all, it is free.

Alienvault community pulses

Using threat hunting companies as a source of information

Let's not forget that there are dozens of companies that perform cyber threat hunting. These companies mostly have an idea of how to operate, where to look and how to set up their hunting gear. I see these environments as a rich resource for quality information; you just need to read through the commercial lines.

Here is a list of companies that perform threat hunting: Hunters, Mantix4, Anomali Match, Bitdefender, Cylance, Carbon Black, CrowdStrike, Cybereason, Darktrace, EclecticIQ Platform, Elastic, Endace, Endgame, Inc., ExtraHop Networks, Fidelis CyberSecurity, One eSecurity, Sqrrl, Securonix SNYPR, Nucleon.sh, Senseon, Symantec DeepSight, Vectra AI and SentinelOne. The list could be longer, but I would recommend simply googling the various companies that do this; it also lets you get familiar with the types of products these companies sell.

The MITRE ATT&CK framework is something you should know

Have you heard about attack.mitre.org? Well, you should be familiar with it. MITRE provides a complete framework for threat hunting.

MITRE ATT&CK

MITRE has a lot of whitepapers that you can read. They are good at describing the techniques that are being used, and by knowing those techniques you can understand how the criminals operate and how you can defend your environment against them.

To conclude

I hope that you enjoyed this small post on threat hunting guides. If you know more sources that can be used, feel free to leave a comment.