IoC hunting in action: practical pivoting techniques

This article was written by Damir Shaykhelislamov, an employee working within Kaspersky’s Expert Security Solutions department. It explores the importance of IoC pivoting in modern threat hunting and demonstrates how to move from basic IoC detection to building a broader picture of nefarious activity.

The article includes real-world examples that will help analysts to enrich indicators and optimize workflows with threat intelligence, such as:

Infrastructure-based pivoting (e.g., IPs, domains, SSL certificates)
Malware artifact discovery using sandboxing and code analysis
Threat attribution and TTP mapping with frameworks such as MITRE ATT&CK

These, among other, techniques provide a structured approach to turn isolated indicators into actionable insights, so analysts can detect more, respond faster and get ahead of cyberthreats.

Tanulmány megtekintése

Ingyenes letöltés

Kérjük, adja meg a kapcsolattartási adatait, és kattintson a letöltés gombra. E-mailben elküldjük a letöltési hivatkozást.

By clicking the button below, you consent to B2B Media Group GmbH with its affiliated companies and Kaspersky Labs GmbH processing and storing your data for marketing purposes, in particular for marketing-related contact by e-mail and telephone.

You can revoke your consent at any time by sending an e-mail to unsubscribe@b2bmg.com (subject: Kaspersky Labs GmbH). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Kaspersky Labs GmbH

A *-gal jelölt mezők kötelezőek