Top trends shaping Threat models today
Hey there my fellow Cybersecurity geeks, are you also conscious about those sneaky little malwares which can bypass the basic SOC defences and lurk into your environment like a common person on a morning walk?
Well, this post is about Threat Detection 101, where you have to gear up, hop on your horse, and start hunting for those threats.
But it’s a big jungle, right? It’s very common to feel overwhelmed by where to begin with. Let’s start with the big ones. The ones which are common to spot but most impactful.
So here are the top trends that are shaping threat models today.
- Business Email Compromise (BEC)
- Ransomware
- Data loss
- Account compromise
Step 1: Start with identifying which threat models are most relevant to your organization.
Step 2: Then look for the specific threats which are more common for your model (eg Mimikatz, Cobalt strike etc).
Step 3: Time to dig into the techniques that are associated with the threats you identified (eg LSASS memory dump, DLL injection)
What now? Simply start looking for any indication of those techniques in your environment.
Found something? Great, you’ve caught your culprit! Found nothing? Even better—you’ve got new use cases to strengthen your defence shield.
Final Thoughts
It’s a vast ocean. Data is huge and analysts are not enough. It’s like ** finding a needle in a haystack**. Better start looking where probability of threat is high. There is a huge possibility that you won’t have to look further.
Happy hunting. 🔒