The findings of a Cyber Threat Hunt will depend on the scope of the Hunt which will be agreed at the start. Organisations will be asked what they wish the priorities of the Hunt to be such as active external threats, suspicious user activity, insecure software, data leakage or a whole host of other options.
Some of the insight that 7Safe might deliver with a Threat Hunt includes:
- Data being exfiltrated from an organisation using third party file sharing applications
- Personal data being stored in insecure locations
- Out-of-date or unpatched software running on critical systems
- Administrator rights being abused
- Sensitive data being regularly copied to removable media devices beyond the scope of security controls
- Unknown or unauthorised programs being run on user systems
- Unusual file access activity being recorded by file shares
- Privilege escalation within normal user accounts indicating malware or rogue insider activity
- Detection of unusual network traffic from core systems.