Hunting out the threat within

Publish date:

Threat Hunting uniquely brings together automated threat data processing with in-depth human analysis to identify advanced persistent attacks and reduce the risk of a missed intrusion.

We’ve been helping a client in the aerospace and defense sector track down threats to its cybersecurity defenses. The government-owned organization has been protecting its assets with a dedicated Security Operations Center (SOC) provided by Capgemini.

Even though it was confident in the services our SOC was providing, the organization expressed an interest in our Threat Hunting services. These are designed to spot attackers that have successfully entered an IT system when protection and monitoring measures have failed to detect them.

Having been hacked in the past, our client wanted to be doubly assured that its activities in the highly sensitive sector within which it operated were protected. Our SOC could detect new attacks, but what about those that were lying dormant? The client was aware that persistent attackers, such as foreign governments, might have been successful in entering the system without being detected. As such, it commissioned our Threat Hunting services.

Investigating suspicious behavior

In a two-week project, a dedicated analysis was done on a defined critical perimeter, where Capgemini’s analysts investigated suspicious behaviors. Designed to prevent the likelihood of a missed intrusion into their IT system, these investigations focused on unknown persistent programs and modifications on known legitimate program..

Our Threat Hunting services epitomize “The Capgemini Effect” of adopting a human-centered approach to technology. Threat Hunting uniquely brings together automated threat data processing with in-depth human analysis to identify advanced persistent attacks and reduce the risk of a missed intrusion.

Crucially, with our SOC monitoring our client’s security round the clock, the results of our Threat Hunting investigation confirmed the integrity of the defined perimeter.

Related Posts

Cybersecurity

Cybersecurity: Don’t trust anyone

Geert van der Linden
Date icon November 25, 2020

Zero-trust security isn’t a one-time measure, it’s a check that must be carried out again and...

Cybersecurity

Cybersecurity Architecture: Some matters of opinion

Lee Newcombe
Date icon November 18, 2020

Good architecture helps to align the systems we build and operate to the underlying needs of...

Cybersecurity

Application Security Testing: Agility meets security

Date icon October 27, 2020

By combining automated processes and human expertise in effective and relevant solutions, it...