ThreatHunting – A Splunk App Mapped To MITRE ATT&CK To Guide Your Threat Hunts
This is a Splunk application containing several dashboards and over 120 reports that will facilitate initial hunting indicators to investigate. You obviously need to be ingesting Sysmon data into Splunk, a good configuration can be found here Note: This application is not a magic bullet, it will require tuning and real investigative work to be […]