Sqrrl Blog

Sep 28, 2016 8:00:00 AM

Threat Hunter Profile - Jason Smith

jason.jpg 

Name: Jason Smith

Organization: FireEye

Years hunting: 6

Favorite datasets: Flow data, Bro logs (http, dns, etc.), Windows event logs

Favorite hunting techniques: Pivoting from statistical anomalies, behavioral deviations for local assets

Favorite tools: SiLK, FlowBAT, Bro, Security Onion, Wireshark, Bash

@Automayt

Read More

Topics: Cyber Hunting, Threat Hunting, Threat Detection, Hunter Profile

Sep 14, 2016 8:30:00 AM

Threat Hunter Profile - Samuel Alonso

SAG.jpg

Name: Samuel Alonso

Organization: KPMG

Years hunting: 2

Favorite datasets: AV, firewall, proxy, IDS and passive DNS

Favorite hunting techniques: Stack counting, anomaly detection and visualization

Favorite tools: Volatility, Passive Total, Santoku and Kali Linux

@Cyber_IR_UK

Read More

Topics: Cyber Hunting, Threat Hunting, Threat Detection, Hunter Profile

Sep 12, 2016 3:41:22 PM

The Applicability of Graphs for Information Security Combatants

This post by Henrik Johansen originally appeared on Medium. Henrik is an IT Security professional at a Danish public sector entity called Region Syddanmark.

I have been tweeting a lot lately about Graphs and how they can be utilised in the context of Information Security. Since this is a topic that seems interesting to a few people I thought a more thorough explanation would make sense. Think of this as the “why” and “what” more than the “how”. 

Read More

Topics: Graphs, Incident Response, Threat Hunting, Cyber Threat Hunting