Monthly Archives: September 2016

Threat Hunter Profile – Jason Smith

Name
Jason Smith

Organization
Cisco

Years Hunting
6

Preferred Datasets
Flow data, Bro logs (http, dns, etc.), Windows event logs

Preferred Hunting Techniques
Pivoting from statistical anomalies, behavioral deviations for local assets

Preferred Tools
SiLK, FlowBAT, Bro, Security Onion, Wireshark, Bash

Threat Hunter Profile – Samuel Alonso

Name
Samuel Alonso

Organization
KPMG

Years Hunting
2

Preferred Datasets
AV, firewall, proxy, IDS and passive DNS

Preferred Hunting Techniques
Stack counting, anomaly detection and visualization

Preferred Tools
Volatility, Passive Total, Santoku and Kali Linux