Client: Kaspersky Labs GmbH
Format: Article
Size: 1,91 MB
Language: English
Date: 16.12.2025

Historical data analysis in security operations: the role of retrospective search

This essay was written by Sergey Soldatov, Kaspersky’s Head of Security Operations Center. It explores the unique role of threat hunting in detecting advanced persistent threats (APTs) that evade automated security solutions, positioning it as a critical component of a modern SOC’s detection and response strategy. Drawing from real-world detection practices, it outlines how threat hunting complements alert-driven SOC operations through retrospective analysis and hypothesis-driven investigation, using telemetry data such as EDR/NDR logs.

Privacy / download conditions:

Date: 1.8.2018

Client

  • B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

  • Kaspersky Labs GmbH