What topics are presented in the Hunting and Investigation Guide?
The Hunting and Investigation Guide contains sample hunting queries, select walkthroughs, and best practices for hunting with Falcon. This encompasses practical examples and strategies for identifying threats and anomalies using Falcon's tools and methodologies.
C. Sample hunting queries, select walkthroughs and best practices for hunting with Falcon
The Hunting Guide for Windows teaches you how to hunt for adversaries, suspicious activities, suspicious processes, and vulnerabilities on the Windows platform using Falcon. This guide contains information about how to hunt using Falcon and is tailored specifically towards users running the Falcon sensor on Windows devices. However, a lot of the ideas and concepts also apply to users running the Falcon sensor on Mac or Linux. Depending on the sensor platform, however, the names and descriptions of certain events as well as custom query syntax will vary.