Monthly Archives: March 2017

Threat Hunter Profile – Ryan Nolette

Name
Ryan Nolette

Organization
Sqrrl

Years Hunting
7

Preferred Datasets
Process execution, process parentage, registry key modification/creation, IDS/IPS logs, Bro, firewall logs

Preferred Hunting Techniques
Daily dynamic list creation, OODA looping, data traversal analysis

Preferred Tools
Bro, Snort, Suricata, Sqrrl, Volatility, Nmap, Wireshark, REMnux, SIFT, pfSense, Malzilla