Hunting out the threat within

Publish date:

Threat Hunting uniquely brings together automated threat data processing with in-depth human analysis to identify advanced persistent attacks and reduce the risk of a missed intrusion.

We’ve been helping a client in the aerospace and defense sector track down threats to its cybersecurity defenses. The government-owned organization has been protecting its assets with a dedicated Security Operations Center (SOC) provided by Capgemini.

Even though it was confident in the services our SOC was providing, the organization expressed an interest in our Threat Hunting services. These are designed to spot attackers that have successfully entered an IT system when protection and monitoring measures have failed to detect them.

Having been hacked in the past, our client wanted to be doubly assured that its activities in the highly sensitive sector within which it operated were protected. Our SOC could detect new attacks, but what about those that were lying dormant? The client was aware that persistent attackers, such as foreign governments, might have been successful in entering the system without being detected. As such, it commissioned our Threat Hunting services.

Investigating suspicious behavior

In a two-week project, a dedicated analysis was done on a defined critical perimeter, where Capgemini’s analysts investigated suspicious behaviors. Designed to prevent the likelihood of a missed intrusion into their IT system, these investigations focused on unknown persistent programs and modifications on known legitimate program..

Our Threat Hunting services epitomize “The Capgemini Effect” of adopting a human-centered approach to technology. Threat Hunting uniquely brings together automated threat data processing with in-depth human analysis to identify advanced persistent attacks and reduce the risk of a missed intrusion.

Crucially, with our SOC monitoring our client’s security round the clock, the results of our Threat Hunting investigation confirmed the integrity of the defined perimeter.

Related Posts

Cybersecurity

Cloud Security – Fix Governance not just technology

Lee Newcombe
Date icon June 12, 2019

Large enterprises in particular will be operating multi-modal IT, i.e. elements of...

Cybersecurity

The process side of things: Four areas of focus your SIEM/SOC efforts should consider

André Hohner
Date icon June 4, 2019

Often, the matters of processes or organizational structures are overlooked in SIEM/SOC...

cookies.

By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.

Close

Close cookie information