Historical data analysis in security operations: the role of retrospective search

This essay was written by Sergey Soldatov, Kaspersky’s Head of Security Operations Center. It explores the unique role of threat hunting in detecting advanced persistent threats (APTs) that evade automated security solutions, positioning it as a critical component of a modern SOC’s detection and response strategy. Drawing from real-world detection practices, it outlines how threat hunting complements alert-driven SOC operations through retrospective analysis and hypothesis-driven investigation, using telemetry data such as EDR/NDR logs.

백서 보기

무료 다운로드

연락처 정보를 입력하고 다운로드 버튼을 클릭하십시오. 다운로드 링크가 포함된 이메일이 발송됩니다.

By clicking the button below, you consent to B2B Media Group GmbH with its affiliated companies and Kaspersky Labs GmbH processing and storing your data for marketing purposes, in particular for marketing-related contact by e-mail and telephone.

You can revoke your consent at any time by sending an e-mail to unsubscribe@b2bmg.com (subject: Kaspersky Labs GmbH). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Kaspersky Labs GmbH

* 표시된 영역은 필수입니다