Threat Hunting


It is crucial for Australian organizations to adopt a proactive cybersecurity mindset. One effective technique for identifying, containing, and remediating attacker persistence is Threat Hunting. Veiled Cyber Operations leverages advanced analytics and industry experience to identify malicious activity that may evade detection in your organization's network.

Scoping

Prior breaches and recent incidents are discussed. High value targets or techniques are then selected.

Hunt Phase

The consultant commences analysis of available events for evidence of malicious activity.

...
Report & Debrief

A full report is submitted and a meeting is scheduled to walk through findings and recommendations.

Proactive Detection and Response Capability

Hunt or Be Hunted


Australia has experienced a significant increase in high-profile cyberattacks targeting personal information of citizens. While external factors contribute to the complexity and severity of these attacks on Australian operations, VeiledOps believes that every organization should conduct regular Threat Hunts as a proactive approach to cybersecurity.

Threat hunting involves using advanced analytics and data collection tools to identify potential vulnerabilities and malicious activity in an organization's systems and infrastructure. Starting a Threat Hunting program does not necessarily require an existing security team or an internal security operations center. Our experts can help guide you through the process of initiating a successful Threat Hunting program today.


MITRE ATT&CK Framework


Veiled Cyber Operations aligns all findings with a common language that describes the tools, techniques, and procedures used by adversaries.

The MITRE ATT&CK Framework serves as the foundation for our hunt hypothesis generation, use case development, and defensive recommendations. The framework has been widely adopted by both the cybersecurity community and leadership teams, providing a consistent means of reporting on security events.

For more information on the MITRE ATT&CK Framework, we strongly encourage you to visit attack.mitre.org.

Targeted Hunting Integrating Threat Intelligence


TaHiTi: Methodology

VeiledOps leverages the TaHiTi methodology to generate use cases, threat hunt hypotheses, and analytics to seek out adversaries.

The TaHiTi methodology was created by the Nordic Financial CERT as a way to defend critical banking infrastructure against an increasing wave of cyber attacks in Europe. The methodology has significant value outside of the financial sector and can be applied across a broad set of domains to identify adversaries in Australian networks.

For more information on the TaHiTi methodology and the MAGMA framework, see the extensive whitepaper at betaalvereniging.nl.