Experiencing a SECURITY BREACH?


1-844-831-7715

(44) 808-234-6353

Talos IR Services

If you’re experiencing a cybersecurity incident, contact Cisco Talos Incident Response immediately.

Talos IR emergency experts are available 24 hours a day.

Threat Hunting

Why conduct proactive threat hunting?

Organizations’ security controls have become more advanced in recent years, but so have adversaries, who are quick to leverage more sophisticated threats. Cybersecurity teams must proactively seek out specific threat vectors and adversaries to determine whether the networked environment is compromised and whether the existing security controls provide appropriate visibility and enforcement. The Talos IR threat hunting service helps your team hunt down the unknowns and discover adversaries that may exist within your environment so you can better prepare your defenses against specific threats.

Identify weaknesses to enhance security

Threat hunts help your organization gain information about, and better understand the risks associated with, a specific threat or adversary. Talos IR will work alongside your team to determine the focus of the hunting exercise and identify the appropriate tools and methodologies to cover. The insights gained will help your organization better understand its exposure to the tactics, techniques and procedures (TTPs) threat actors commonly leverage and make better investments in controls to reduce or eliminate security gaps.

What does this include?

  • Detailed scoping exercise
    to identify available telemetry, data points and customer objectives to ensure comprehensive delivery of this service.
  • Hunting for the target
    adversary TTPs through a deep analysis of various data points, aligned with a comprehensive hypothesis and other objectives to discover new or existing threats in your environment.
  • Access to skilled incident responders
    with years of experience dealing with numerous types of incidents, who will execute custom threat hunting scenarios across the environment using existing telemetry.
  • Full access to Cisco’s complete tool suite during the exercise
    to provide greater visibility, speed and a broader understanding of all threats in the network using the latest available technologies.
  • A threat hunting report
    that includes an executive overview, technical summary, a full recap of the hunting hypothesis, key findings aligned with the MITRE ATT&CK framework and recommendations.
  • Technical and executive debriefs
    to ensure that findings are effectively communicated across all business levels.

Sample hunt use cases

  • Critical infrastructure
  • Web services compromise
  • Lateral movement
  • Embedded attacker
  • Privileged user access review
  • Historical analysis of environment using new threat intelligence indicators

Interested in this service?

Reach out to your account team or contact us below.

Security expertise at your fingertips

When you partner with Cisco Talos Incident Response, you ensure your organization has direct access to unique and actionable threat intelligence, world-class emergency response capabilities, and unmatched expertise to help you be prepared for current and future threats.
