How to Measure Threat Hunting ROI

The Problem with Threat Hunting Metrics: Threat hunting is a massive commitment of time, resources, team members, and technology. Any investment that impactful would normally be one that was carefully measured to ensure it was driving sufficient value for the team. The thing is, there’s no established benchmark of “success” in threat hunting. Measuring the […]

Creating Actionable Threat Intelligence for Threat Hunters

Ask any security leader and they’ll tell you actionable threat intelligence is the cornerstone of a successful, threat-informed security operations center (SOC). However, to be of any real value to the team, threat intelligence needs to be relevant, timely, and supportive of next steps for the teams that utilize it. Due to the sheer volume […]

SnapAttack ThreatLabs: How to Detect CVE-2023-46214

Authored by Trenton Tait, Threat Researcher at SnapAttack. CVE-2023-46214 is identified as a Remote Code Execution (RCE) vulnerability within Splunk Enterprise, as reported in the Splunk security advisory SVD-2023-1104 on November 16, 2023. Successful exploitation of this vulnerability […]

Threat Management isn’t Fantasy Football

Get your access to the webinar recording. Duration: 58 minutes | Partnering webinar with: Google Cloud Security. About the Webinar: Find out how to build and operate a game-winning threat management strategy by aligning your team, automating cumbersome processes, and measuring the right metrics (the ones that matter to your unique SOC). Join us […]

Accelerate SOC Maturity with Threat Hunting

What Is SOC Maturity? Why Is It Important? SOC leaders who got their start in security 10 or 20 […]

Modernize Threat Intelligence: Datasheet

What’s in this Datasheet? Prioritization, specificity, and actionability are common challenges with threat intelligence. With SnapAttack, they aren’t – no matter your team’s skillset.

Google Cloud Security Partnership

What’s in this Datasheet? With Mandiant Threat Intelligence baked right into the SnapAttack platform, plus direct integrations with all major SIEMs like Google Chronicle, SnapAttack brings a structured workflow and detection power to unsilo your teams and your tools so that you can get more from your Google Cloud Security investment. […]

Analyst Report: SnapAttack for Continuous Threat Exposure Management (CTEM)

Traditional vulnerability management programs are restricted to isolated, reactive security operations… and that’s not enough to keep modern enterprises protected. Amid an expansive and sophisticated attack surface, organizations have embraced proactive, holistic, efficient approaches to cybersecurity. They’re turning to approaches like Continuous Threat Exposure Management (CTEM): the continuous, automated model to proactive security […]

SnapAttack Expands Partnership with Mandiant to Modernize Cybersecurity through Operationalized Threat Intelligence

[Arlington, VA, November 8th, 2023] — SnapAttack, a centralized platform pioneering threat hunting, detection engineering, and threat intelligence, is delighted to announce an expanded partnership with Mandiant, part of Google Cloud, to extend operationalized threat intelligence to organizations of all sizes. Building on its current API integrations, the new endeavor will bring Mandiant’s industry-leading threat […]

Adversary’s Arsenal – T1053: Scheduled Task/Job

Introduction: New and emerging threats may get the headlines, but if they’re all you’re focused on, your defense is hardly […]