Case Study
Integrating SIEM into Your Threat Hunting Strategy
WHITE PAPER

Table of Contents
What Are Data Sets in the Context of Threat Hunting?
Building a Threat Hunting Toolkit
Getting an Overall Picture with Maltrail
Adding Layers of Detail with Sinkholes
A Typical Threat Hunt
Summary
Strategy, tactics, and operations
About McAfee

In this paper, we offer both an approach and a toolkit for threat hunting. We show you how to aggregate and correlate the data your tools provide into a single analysis tool—an advanced security information and event management (SIEM) platform—to detect and block cyberthreats. We show you how a solid threat-hunting infrastruc