Or should we say an Intel-Driven Data Analysis Pyramid of Pain?
threat-hunting
In Part 2 of this series, we will explore the dimensions of information uncertainty, entropy and negentropy, superlinear defence-in-depth, latent space and threat intelligence as a decoding device for time-bound information.
The Prelude
Hello everyone, it would seem that time has gone quite fast and my temporal abilities to navigate the river of Chronos are not yet good enough. Ideally, I would like to train the power of slowing time, enjoying the shades of it as you go through your day.
The Active Defence Adversarial Cyber Operations Framework, or ADACOP, is a framework for sense-making and understanding the relationships between the different domains of active defence. ADACOP describes four tactical domains, namely: Design, Discover, Disrupt and Defend.
We discuss Active Defense, moving beyond a passive approach to detection. How can we intentionally shape threat actor behavior via Controlled Attack Paths and Cyber Deception? Defenders inadvertently influence attackers by the way they configure layered defenses, impacting attack preferences.
While Threat Hunting is commonly seen as proactive threat detection, we propose a broader approach through the lens of Active Defense. This involves intercepting and disrupting adversaries with the goal of actively shaping attacker behavior rather than relying solely on detection.