CyDefOpsDOTCOM

How can you tell if someone has broken into your house when the alarm hasn't triggered?


This is a very relevant question; in the context of cybersecurity, it must keep CISOs up at night.


Threat hunting is not penetration testing; in fact, it's quite the opposite. The goal is to apply a range of analytical procedures, coupled with attack models and diverse expertise across a range of technical disciplines, to confirm or deny whether the system has been compromised.


As part of a hunt, a threat hunter will use a range of models, such as the OODA loop and the Cyber Kill Chain amongst others, to form a hypothesis. They will gather the relevant data from all available sources, analyse it for anomalies that may support the hypothesis, and report back on the outcome of their findings.


The overall goal is not to fix the vulnerability that was exploited and allowed the system, network or service to be compromised, but to enable other security functions to improve their detective capability and to close the gaps that were exploited by the adversary.

How we can help

  • Providing expertise on adversarial Tactics, Techniques and Procedures (TTPs) - MITRE ATT&CK


  • Understanding threat hunting models such as the Diamond Model, Cyber Kill Chain, Paris, TaHiTI


  • Data analysis and enrichment techniques


  • Using free and open-source tooling for hunting and data analysis


  • Threat hunting training and workshops


  • Hunt hypothesis formation



Cyber Defence Operations Limited is a limited company registered in England and Wales. Registered number: 12118657. Registered office: 71-75 Shelton Street, London, WC2H 9JQ. ‘CyDefOps’ and ‘CDO’ are trading names used by Cyber Defence Operations Limited. Copyright © - All Rights Reserved.
