Ciccotti & Buckley
Norfolk's Private Investigators

Cybersecurity: Threat Hunting

Mar 5, 2018
Tips and Insights

In today’s landscape, a network breach or unauthorized access can often go on for weeks or months without detection.

So how do you know if you have been breached?

Security Testing and Threat Hunting

Is all the money, time and effort you are putting into cybersecurity effective? Despite all the layers of security and training you might have in place, is your data being siphoned anyway? What can you do to make sure?

Regularly performing Threat Hunting exercises will answer these questions. Our threat hunters are effectively detectives. They combine the skills required for penetration testing, forensics, auditing, programming, and big data analysis and focus on finding ongoing attacks that have gotten past the boxes and software.

 

The Hunt Is On…

Our security testing includes threat hunting and post-hunt analysis at a scheduled frequency to identify compromised systems and locate gaps in current protective measures. We take a hands-on approach to hunting for threats in your infrastructure and ensuring your network is clear after a breach. Our threat hunters work with you to:

 

Improve Security Operations

  • Identify and understand threats, potential blind spots, and avenues of attack
  • Identify network layout and critical infrastructure
  • Identify existing defenses, including logging and alerting mechanisms
  • Gather information on historical threats and previous security incidents
  • Establish a baseline for normal behavior and define abnormal behavior

 

Identify Potential Breaches

Our analysts will evaluate existing threat intelligence information to identify an existing breach and uncover abnormal behavior using:

  • Firewall and network log configurations and log data
  • Server and relevant workstation logs
  • Automated scanning for Indicators of Compromise (IOCs) to identify known threats
  • Forensic data collection and analysis of relevant systems, including live memory analysis
  • Network packet capture and analysis

 

Report and Improve

Specific recommendations delivered in writing and directly tied to risk provide actionable intelligence and steps to improve overall security posture, remove blind spots, and close existing gaps.

 

Why do I need Threat Hunting on top of Security Information and Event Management (SIEM), endpoint, and boundary protection?

More than 70% of the companies surveyed by SANS (https://www.sans.org/) had inadequate capability in identifying, detecting, and responding to advanced threats. Attacks from Advanced Persistent Threats (APTs) often bypass all the boxes and software. Once in place and undetected, they can operate for months and sometimes years before being detected and stopped. They are persistent: it is not uncommon for them to find yet another way in, and the cycle repeats.

There is no tool available that can do the detective work and analysis that a human with training and, more importantly, experience, can.

Cybersecurity is a constantly evolving industry and no one takes advantage of this better than the attackers. Many of them are well funded and organized. They have the resources to train against just about any out-of-the-box defense/intelligence system available. This is why Threat Hunting is so important: you need a human to counter another human.

Category: Tips and Insights. By admin, March 5, 2018.


Ciccotti & Buckley 500 E. Plume Street, Suite 210, Norfolk, VA 23510