1. Application/Process Events
1.1. Hunting for Suspicious Application/Process Command Events
1.1.1. Hunting for Suspicious File Write by any File Type
1.1.1.1. Hunting for Renamed Process with Actual Name Process
1.2. Hunting for Suspicious Application/Process Registry Events
1.2.1. Hunting for Suspicious Clicked Links from Outlook for Different Browsers
1.2.1.1. CPU Usage based on the Host
1.3. Hunting for Suspicious Registry Events on Host
1.3.1. Hunting for Suspicious IP Request from Application/Process Event
1.3.1.1. Hunting for Suspicious Script written at any System Path
1.4. Hunting for Suspicious File Types
1.4.1. Hunting for Suspicious Domain Request from Application/Process Event
1.4.1.1. Hunting for Suspicious Files with Double Extensions
2. Network Events
2.1. Enumerate Suspicious DNS Request
2.1.1. Number of Connections observed on Remote Desktop Protocol of specific host
2.1.1.1. Hunting for only Open Ports of Specific Host
2.2. Enumerate Suspicious IP Request
2.2.1. Hunting for Open Ports along with Process/Service Name
2.2.1.1. Hunting for TOP TLD Domains and associated SubDomains
3. Security Events
3.1. APT Activity by Known IoCs for Windows Platform
3.1.1. Hunting for Parent Activities by any Suspicious File Process
3.1.1.1. Hunting for Suspicious Application running from Temp Directory
3.2. APT Activity by Known IoCs for Linux Platform
3.2.1. Hunting for Suspicious Command Entries via Legit Process
3.2.1.1. Hunting for Suspicious Ransomware Extensions