THREAT HUNTING

How Does Threat Hunting Work?

The team in SpearTip’s Security Operations Center continually hunts for emerging indicators of compromise to detect zero-day and day-one attacks, as well as persistent vulnerabilities, within client environments. This is done through technical and policy reviews, along with actively monitoring the environment for suspicious activity. Our threat hunting assessments include the deployment of the ShadowSpear Platform, allowing the SOC to actively monitor environments and identify critical vulnerabilities before they can be leveraged by an advanced attacker. SpearTip currently offers two distinct threat hunting engagements.

Ransomware Threat Assessment

Combining policy evaluation and technical testing, the team assesses vulnerabilities within client environments and the Dark Web that could lead to ransomware attacks. This includes a review of policies and procedures, detection and protection capabilities, response protocols, and other relevant areas, in addition to the findings from the deployment of ShadowSpear. You will receive actionable advice to adopt practices to mitigate and prevent these types of events, hardening your security defenses. 

Business Email Compromise Threat Assessment

This hybrid approach of policy evaluation and technical testing includes an assessment focused on vulnerabilities within your environment, as well as any legitimate credentials found on the Dark Web, that could lead to business email compromise (BEC). This includes a review of policies and procedures, detection and protection capabilities, response protocols, and other relevant areas as observed, in addition to the findings from the deployment of SpearTip’s email monitoring system into the environment. BECs often lead to more persistent attacks; this assessment will help fortify relevant systems and limit the organization’s attack surface.

For all Threat Hunting engagements, we provide a review of policies and procedures, detection and protection capabilities, response protocols, and other relevant areas as observed, in addition to the findings from SpearTip’s agent-based deployment within your environment. You will receive actionable advice to adopt practices that mitigate these types of events.

Threat Hunting Objectives

Find Existing Threats in your Environment

Monitor the Dark Web Externally

Review Common Threat Actor Tactics, Techniques, and Procedures

Detect Advanced Malware

Identify Potential Business Email Compromise
