Threat Hunter Profile – Alan Orlikoski
Name
Alan Orlikoski
Organization
Square Inc.
Years Hunting
3
Preferred Datasets
Network data (Bro), stacked Appcompat, shimcache, Windows PowerShell event logs, bash shell history files
Preferred Hunting Techniques
Data traversal analysis, daily dynamic list creation, kill chain analysis
Preferred Tools
Log Parser, CCF-VM, Logstash, Python, command line (grep, head, tail, sed, awk)