{"id":909,"date":"2016-02-09T07:06:55","date_gmt":"2016-02-09T15:06:55","guid":{"rendered":"http:\/\/raffy.ch\/blog\/?p=909"},"modified":"2016-02-22T14:16:12","modified_gmt":"2016-02-22T22:16:12","slug":"creating-your-own-threat-intel-through-hunting-visualization","status":"publish","type":"post","link":"https:\/\/raffy.ch\/blog\/2016\/02\/09\/creating-your-own-threat-intel-through-hunting-visualization\/","title":{"rendered":"Creating Your Own Threat Intel Through Hunting &#038; Visualization"},"content":{"rendered":"<p><b>Hunting<\/b> has been a fairly central topic on this blog. I have written about different aspects of hunting <a href=\"http:\/\/raffy.ch\/blog\/2015\/10\/16\/internal-threat-intelligence-what-hunters-do\/\">here<\/a> and <a href=\"http:\/\/raffy.ch\/blog\/2015\/06\/07\/hunting-the-visual-analytics-addition-to-your-siem-to-find-real-attacks\/\">here<\/a>.<\/p>\n<p>I just gave a presentation at the <a href=\"https:\/\/sas.kaspersky.com\/\">Kaspersky Security Analytics Summit<\/a> where I talked about the concept of <b>internal threat intelligence<\/b> and showed a number of visualizations to emphasize the concept of <b>interactive discovery<\/b> to find behavior that really matters in your network.<\/p>\n<p><center><iframe loading=\"lazy\" src=\"\/\/www.slideshare.net\/slideshow\/embed_code\/key\/4tuc9fiAipZkSK\" width=\"595\" height=\"485\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen> <\/iframe> <\/p>\n<div style=\"margin-bottom:5px\"> <strong> <a href=\"\/\/www.slideshare.net\/zrlram\/creating-your-own-threat-intel-through-hunting-visualization\" title=\"Creating Your Own Threat Intel Through Hunting &amp; Visualization\" target=\"_blank\">Creating Your Own Threat Intel Through Hunting &amp; Visualization<\/a> <\/strong> from <strong><a href=\"\/\/www.slideshare.net\/zrlram\" target=\"_blank\">Raffael Marty<\/a><\/strong> <\/div>\n<p><\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hunting has been a fairly central topic on this blog. I have written about different aspects of hunting here and here. I just gave a presentation at the Kaspersky Security Analytics Summit where I talked about the concept of internal threat intelligence and showed a number of visualizations to emphasize the concept of interactive discovery [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,8,2],"tags":[],"class_list":["post-909","post","type-post","status-publish","format-standard","hentry","category-log-analysis","category-security-information-management","category-visualization"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/comments?post=909"}],"version-history":[{"count":4,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/909\/revisions"}],"predecessor-version":[{"id":918,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/909\/revisions\/918"}],"wp:attachment":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/media?parent=909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/categories?post=909"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/tags?post=909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}