Threat Hunting takes your organization's security to the next level. Once an enterprise has been secured there is the lurking question of what else could there be. GRIMM’s threatening hunting combines understanding of the customer’s infrastructure with adversaries TTPs and emerging threats to develop informed, hypothesis driven, studies of are hostile actors operating in your network and how can they be detected.
We begin with an assumption that advanced threat actors (or Advanced Persistent Threats) are well funded and very capable. From this assumption we conclude that the advanced hostile actors are going to perform reconnaissance of a target enterprise and customize tools to avoid defenses and protections. They will penetrate the network through any of the weak points of the enterprise and deposit malware that is designed to avoid detection and act long term. Once a beach head is established additional targets can be identified and exploited, data can be discovered and copied off network.
GRIMM utilizes our threat hunting methodology to understand the enterprise, develop studies based on hypothesis of threats, collect data required for the study, develop data analytics and tools to understand the data, and feed the results back into the Enterprise NOC/SOC.
A GRIMM representative will reach out as soon as possible.