How to detect a cyber threats

Source

How to detect a cyber attack or a threat

Hi Medium! Here we are again with a new article, today we will talk about advanced threat detection and the several methods used in defense as follows:

1. Threat Detection Team

Facing different attacks is not an easy job, the threat detection team need to act in a fast and efficient way when a hacker slipped past their defenses. Threat detection is where the security guys that work within an organization identify “known” and “unknown” attacks (sophisticated ones). Professionals said that threat detection becomes harder and harder looking at the new technology and tools used by attackers.

Source

2. How We Can Detect Threats

Threat detection needs both human element and good technology, where we define:

+ Human Element

The presence of a human is so important where their presence is crucial, beginning with the configuration of the technical tools used until the analysis of threat behavior. A security analyst analyzes threats, detect patterns, study the malware behavior, and indicate if abnormal data are a threat or a false positive.

+ Technology used

The technology used for detection facilitates the control of data going within the network and gives us the ability to block or allow ingoing/outgoing packets. Managing millions of packets entering the network is not a human job.

The tools that we will list below need to be integrated to detect threats before it becomes a serious problem:

This technology needs to be implemented in a SOC (Security Operation Center), where we can find all the teams needed for detection, response, mitigation, and forensics. if you want to understand SOC check this article by Hamza M’hirsi SOC Tech.

Summary

In this article, we discovered threat detection as a concept and what we really need to implement this technique in an environment.

I hope that you enjoyed my article, if you have something to add or to correct please don’t hesitate to write a comment, see you soon ^ ^