Many cyber security veterans may not recognize threat reconnaissance as an option for them, as the activity conjures thoughts of intelligence agencies and military. For many, reconnaissance is simply part of the cyber kill chain – something bad actors to do good organizations. The idea that good organizations can have the ability to conduct recon on the bad actors is only recently surfacing among the most risk averse enterprises. However, it is threat hunting as it should be.
Team Cymru spoke with a multinational corporation with several business units that employs threat reconnaissance to improve security. This walkthrough will illustrate the value of employing analysts in more strategic ways to optimize the incident response process, as well as improve prevention and detection.
Download this case study to learn about how to:
- Extract more value from your existing threat intelligence;
- Expose shadow IT;
- Identify and block impending attacks;
- Gain insights into new threats ahead of antivirus and intel vendors;
- Accelerate root cause analysis and reducing IR workload.