Monthly Archives: August 2016

Threat Hunter Profile – Chris Sanders

Name
Chris Sanders

Organization
Applied Network Defense

Years Hunting
10

Preferred Datasets
Flow, Bro, Windows endpoint logs

Preferred Hunting Techniques
Aggregations, pivots, relationship graph visualizations

Preferred Tools
SiLK, FlowBAT, Python, Wireshark, FireEye TAP, Splunk

Threat Hunter Profile – Josh Liburdi

Name
Josh Liburdi

Organization
Target

Years Hunting
3

Preferred Datasets
Bro, memory artifacts, file metadata

Preferred Hunting Techniques
Stack Counting, baselining, data visualization

Preferred Tools
Bro, LaikaBoss, Volatility, Sqrrl

Threat Hunter Profile – David Bianco

Name
David J. Bianco

Organization
Target

Years Hunting
8

Preferred Datasets
HTTP proxy logs, authentication logs, process data

Preferred Hunting Techniques
Outlier detection, visualization

Preferred Tools
Sqrrl, Unix command line, Python, Apache Spark, scikit-learn