Tag feed

#threat-hunting

42 posts33 followers

Explore Hashnode

Alternatives

Trending tags this week

TSTech Skill Schooltechskillschool.hashnode.devJun 10 · 7 min read

Start Your SOC Journey with SOC Analyst Training 101

In today’s digital landscape, cyber threats are evolving at an unprecedented pace. From ransomware attacks targeting critical infrastructure to sophisticated phishing campaigns and advanced persistent

0

JJJaewook Jungwoogi.meJun 6 · 8 min read

Threat Hunting Methodology

Most security tools are reactive. Alerts fire after a rule matches, and analysts triage. Threat hunting flips that: you assume something has already evaded the tools, and you go look for it. This post

0

RBRegő Botond Ronyeczzerohook.hashnode.devJun 4 · 9 min read

Top 10 DNS Security Tools for Proactive Threat Hunting (2026)

Most DNS security advice is reactive. Something breaks, you investigate. But the teams that catch problems early aren't waiting for alerts from their SIEM — they're actively mapping their own attack s

0

TSTech Skill Schooltechskillschool.hashnode.devJun 3 · 5 min read

What Are the Tools Used in a SOC Analyst Workflow?

In the fast-paced world of cybersecurity, a SOC Analyst is often the first line of defense against cyber threats. They monitor systems 24/7, investigate alerts, and respond to incidents before they ca

0

Vvaishvikkansaraloghunter.hashnode.devMay 22 · 9 min read

How to Investigate a Phishing Attack Step by Step (SOC Perspective)

Phishing is the number one attack vector used by cybercriminals worldwide. According to multiple threat intelligence reports, over 90% of data breaches begin with a phishing email. As a SOC Analyst, k

0

ZOZeroTrust Opsnavyacyber.hashnode.devApr 30 · 10 min read

My First Hands-On Threat Hunting Workshop Experience with Intel 471: Hunting CVE-2023-46604 from Curiosity to Confidence

When I first heard about Intel 471’s Intelligence-Driven Threat Hunting Workshop: Vulnerability Post-Exploitation Behaviors, I wasn’t actively searching for another certification or workshop. In fact,

0

TATaji Abdullahtechnofiles.hashnode.devApr 23 · 2 min read

Understanding Threat Hunting Initiation

When I first learned about Threat Hunting, the biggest question I had was, how is the hypothesis formed, how do you come to the point of forming a hypothesis that serves as the basis for the threat hu

0

PPromisepromise-security.hashnode.devApr 5 · 2 min read

Analysing a Simulated Web Breach with Splunk (Deloitte Forage Cyber Task)

1. Getting the logs into Splunk The task provided a web_activity.log file with HTTP requests grouped by internal IP addresses. My first step was to bring this data into Splunk so I could query and vis

0

SMShubham Mishrasammy-secops.hashnode.devApr 3 · 40 min read

From Security Tool to Credential Stealer: The TeamPCP Trivy Supply Chain Attack

TL;DR — Read This First On March 19, 2026 at approximately 17:43 UTC, threat actor group TeamPCP silently redirected trivy-action@0.34.2 — a real, trusted release already running in thousands of CI/CD

1

C

BOBrian Olsonhurrikane.netMar 30 · 10 min read

What's in a Name: DNS as a Detection Goldmine

I love DNS. I know that's a weird thing to say, but I've been doing DFIR and detection engineering for close to two decades, and no single protocol has given me more signal per dollar invested than DN