The failure of automated prevention and detection technologies to stop malware from breaching defenses, coupled with a disappearing perimeter opens the door for active threat hunting to become an increasingly important skill among network defenders.
Threat hunting is the practice of searching for badness and unauthorized activity on our own systems or network. By knowing what is normal in our networks and what is possible of adversaries, the hunter can identify malware, signs of unauthorized activity, and indicators of compromise lurking within.
In this videotaped session presented at BSides Las Vegas this August on PowerShell-Fu – Hunting on the Endpoint, CEO Chris Gerritz explores how to hunt for malware and compromises on Windows endpoints using built-in PowerShell commands and scripts. He explores how to validate what’s running on your systems and identify some of the tell-tale signs that you’ve been penetrated. The skills demonstrated will be useful on your own local system or remotely against hundreds or even thousands of systems.
Interested in our enterprise ready solution?
Learn more about discovering hidden threats lurking on your network with Infocyte HUNT.