Sunday, May 6, 2018

Infosec quotes - start threat hunting

“...
Getting started with Threat Hunting:

1) Install Splunk
2) Sysmon all the endpoints using GPO
3) Send all logs to Splunk using Sysmon TA
4) Run saved queries :D
...”


https://twitter.com/vysecurity/status/993092569813979136?s=21
