Week 3: Hypothesis-Based Threat Hunting and MITRE
Security analysts consume and process thousands of threat intelligence indicators every day. The vast majority of these are simple atomic or computed indicators such as IPs, domain names, file hashes, and signatures. While these are important pieces of the threat hunting puzzle, effective threat hunters look beyond these simple indicators to find adversary tactics, techniques, and procedures (TTPs) and build evidence that supports hypotheses. Join us to discover how Cisco Security enables TTP-aware, hypothesis-based threat hunting powered by MITRE ATT&CK indicators.