Sqrrl Blog

Aug 30, 2016 8:00:00 AM

Threat Hunter Profile - Chris Sanders

Name: Chris Sanders

Organization: FireEye

Years hunting: 10

Favorite datasets: Flow, Bro, Windows endpoint logs

Favorite hunting techniques: Aggregations, pivots, relationship graph visualizations

Favorite tools: SiLK, FlowBAT, Python, Wireshark, FireEye TAP, Splunk

@chrissanders88

Topics: Cyber Hunting, Threat Hunting, Threat Detection, Hunter Profile

Aug 17, 2016 8:00:00 AM

Threat Hunter Profile - Josh Liburdi

Name: Josh Liburdi

Organization: Sqrrl

Years hunting: 3

Favorite datasets: Bro, memory artifacts, file metadata

Favorite hunting techniques: Stack Counting, baselining, data visualization

Favorite tools: Bro, LaikaBoss, Volatility, Sqrrl

@jshlbrd

Topics: Cyber Hunting, Threat Hunting, Threat Detection, Hunter Profile

Aug 1, 2016 5:45:22 PM

Threat Hunter Profile - David Bianco

Editor's Note: This is the first in a series of posts that will profile various threat hunters, highlighting their experiences, as well as hunting techniques and lessons from the field.

Name: David J. Bianco

Organization: Sqrrl

Years hunting: 8

Favorite datasets: HTTP proxy logs, authentication logs, process data

Favorite hunting techniques: Outlier detection, visualization

Favorite tools: Sqrrl, Unix command line, Python, Apache Spark, scikit-learn

@DavidJBianco

Topics: Cyber Hunting, Threat Hunting, Threat Detection, Hunter Profile