Monday, August 12, 2019

Advanced Hunting and Content Development Research Paper

Attacking or evading defenders' tools involves using counter-infrastructure and tools that compromise data. Defenders must therefore have indicators of compromise (IOCs) so that their content identifies methods or numerous pieces of evidence (Orlando 23). This introduces the need to distinguish between analytics and hunting: analytics includes the means of obtaining interesting objects, patterns, and events, and this is supported by hunting together with monitoring. Monitoring, however, is not analytics; it is ensuring that the system is free from evident or hidden compromise by offenders.

In their attacks, offenders use different platforms and phishing techniques, while defenders are forced to use tools such as RSA Security Analytics to monitor phishing, exploit kit servers, and other attacks. RSA Security Analytics works toward protecting against phishing and suspicious objects, patterns, or events, using notifications such as warnings, provision of information, and curbing suspicions. In all cases, RSA Security Analytics uses event reconstruction to identify suspicions, warnings, or compromise, and communicates with the existing security tools, including intrusion prevention systems and firewalls. The security tools are also informed of things that present a threat to the system (Musthaler n.p.).

The two identified are Zenoss Core, NetworkMiner, and Angry IP Scanner. The Zenoss Core platform combines system management with integrated network analysis of performance, events, availability, and configuration. The platform uses simple protocols for streaming data through SSH, JMX, and Syslog, providing a flexible foundation for managing events and monitoring logs. In addition, the tool offers features that are particularly geared toward virtual and cloud infrastructure. The NetworkMiner tool offers a great way of scrutinizing files, chat history, searching files,
