I hope you enjoyed the first session - that's just a taster of the amazing content we've got for you in the next couple of weeks!
There were a couple of resources mentioned in the session which I've listed below for reference in case:
For file hashing, Greg used these commands:
And to get your external IP, Greg recommended using
When we were recording Greg and Mat's video, we realised we had even more that we wanted to share with you, so I'm pleased to include below the 'bonus' footage from session 1 - Thinking Like A Threat Hunter. In it, Greg and Mat talk about who performs threat hunting, signal prioritization and the various adversarial tactics attackers use.
Take a look at the link below, and get yourself ready for tomorrow's session; Threat Journey: Running Code on Remote Systems. See you there!
Hello Nick and Sophos Threat Hunt Accademy Team,
These were a great sessions. Thanks for it.
Please there is a checklist of things to do about threat hunt day by day? Differents steps or hypotesis to explore for checking the health of computer infratructure?
endpoint users and server? For exemple how can I check if there is a the ressources of some computer in my network are not use by tiers programs?