Monthly Archives: April 2017

Threat Hunter Profile – Pietro Bempos

Name
Pietro Bempos

Organization
Zurich Insurance

Years Hunting
1

Preferred Datasets
Endpoint logs/process data, Windows event logs, DNS logs, server application logs

Preferred Hunting Techniques
Threat mapping, IP stacking (outlier detection), asset prioritization and investigation

Preferred Tools
Linux command line, custom scripting (Python and Bash), custom tools

Threat Hunter Profile – James Bower

Name
James Bower

Organization
Quantum Security

Years Hunting
10

Preferred Datasets
Bro logs, DNS, HTTP proxy logs, Sysmon and OSSEC

Preferred Hunting Techniques
Outbound traffic analysis, stacking (outlier detection), process and registry change analysis, temporal baselining

Preferred Tools
Bro, Unix commands (grep, sed, awk), TShark, Splunk