Threat Hunting for Masquerading Windows Processes

An important aspect of effective threat hunting is to understand what is normal in an environment. If a threat hunter is able to baseline the normal behaviour in a system then any abnormality is most likely due to an actor that has newly entered the environment. This actor could be a new software installation, new Read More…

Article Link: http://niiconsulting.com/checkmate/2017/08/threat-hunting-for-masquerading-windows-processes/