We’ve expanded our partnership with Mandiant, now part of Google Cloud, to help our users operationalize and prioritize threat intelligence.

Threat Profiles: Figuring Out Which Threats Matter

What are Threat Profiles? In a typical security operations center (SOC), the threat detection and response teams have one key objective: identify and stop the bad guys. To do so, they invest in the best tools, recruit the best team members, and work tirelessly to stay ahead of any potential security incidents that might be […]

Hunting Impacket: Part 2

Impacket Overview Welcome back. This is part two of our blog series covering the Impacket example tools. Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, […]

Hunting Impacket: Part 1

Impacket Overview Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, ICMP, and even higher-level protocols like SMB, MSRPC, NetBIOS, and others. One of the key strengths […]

How to Measure Threat Hunting ROI

The Problem with Threat Hunting Metrics Threat hunting is a massive commitment of time, resources, team members, and technology. Any investment that impactful would normally be one that was carefully measured to ensure it was driving sufficient value for the team. The thing is, there’s no established benchmark of “success” in threat hunting. Measuring the […]

Creating Actionable Threat Intelligence for Threat Hunters

Ask any security leader and they’ll tell you actionable threat intelligence is the cornerstone of a successful, threat-informed security operations center (SOC). However, to be of any real value to the team, threat intelligence needs to be relevant, timely, and supportive of next steps for the teams that utilize it. Due to the sheer volume […]

Accelerate SOC Maturity with Threat Hunting

Table of Contents: What Is SOC Maturity? Why Is It Important? What Does a Mature SOC Look Like? What Holds Organizations Back from Threat Hunting? Threat Hunting Benefits: Why Is Threat Hunting Important for SOC Maturity? What Is SOC Maturity? Why Is It Important? SOC leaders who got their start in security 10 or 20 […]

SnapAttack Expands Partnership with Mandiant to Modernize Cybersecurity through Operationalized Threat Intelligence

[Arlington, VA, November 8th, 2023] — SnapAttack, a centralized platform pioneering threat hunting, detection engineering, and threat intelligence, is delighted to announce an expanded partnership with Mandiant, part of Google Cloud, to extend operationalized threat intelligence to organizations of all sizes. Building on its current API integrations, the new endeavor will bring Mandiant’s industry-leading threat […]

Modernizing Threat Intelligence with TTPs: Not Your Father’s Threat Intelligence Pt. 1

TL;DR: Think differently about threat intelligence with TTPs. Traditional approaches to threat intelligence leave security teams reactive, overwhelmed, and unable to quickly and proactively address threats. Operationalizing TTP-based intelligence carries some challenges, but the juice is well worth the squeeze. Table of Contents: All About the Pyramid of Pain Traditional Threat Intelligence: IOCs and Finished Intelligence […]

Mandiant Threat Intelligence & SnapAttack for Enterprises, a Better Together Story: Enhancing Your Detection Engineering Workflows

Detection engineering is the process of creating, testing, deploying, and maintaining detections that alert security teams to malicious activity in their environment. Detection engineering is a critical component of a threat-informed defense, which is a proactive approach to cybersecurity leveraging threat intelligence, attack emulation, and behavioral analytics to improve security posture and reduce risk. However, […]

What’s Holding You Back? A CISO’s Perspective on Proactive Security

Paul Caiazzo, former CISO and current Chief Growth Officer at SnapAttack. Table of Contents: What is Proactive Cybersecurity? Benefits of Proactive Security What Holds Organizations Back From Being Proactive? How Can Organizations Enhance Cyber Maturity and Achieve Proactive Cybersecurity? Everyone wants to achieve “proactive security” right now. There’s not a tool on the market that […]