Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
Although it’s a human activity, threat hunting does rely on technologies and processes. In particular, as the detailed example in this paper will show, effective threat hunting requires immediate access to massive data sets,
including long-term historical data. Typically, this need exceeds the capabilities of existing SIEM systems or legacy log management systems in place in most organizations today. With access to the right data, on
demand as needed, Kibana allows the hunter to conduct a wide range of searches, run advanced queries, and create visualizations that help the hunter home-in on the adversaries and dramatically accelerate the time to
identify and stop a breach.