RA-10: Threat Hunting

From NIST's SP800-53:

a. Establish and maintain a cyber threat hunting capability to:
   1. Search for indicators of compromise in organizational systems; and
   2. Detect, track, and disrupt threats that evade existing controls; and
b. Employ the threat hunting capability [Assignment: organization-defined frequency].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1190 | Exploit Public-Facing Application | Initial Access |
| T1212 | Exploitation for Credential Access | Credential Access |
| T1195.002 | Compromise Software Supply Chain | Initial Access |
| T1195.001 | Compromise Software Dependencies and Development Tools | Initial Access |
| T1211 | Exploitation for Defense Evasion | Defense Evasion |
| T1068 | Exploitation for Privilege Escalation | Privilege Escalation |
| T1210 | Exploitation of Remote Services | Lateral Movement |
| T1195 | Supply Chain Compromise | Initial Access |