We catch up with Microsoft’s Global Threat Hunting Lead, Shaw, to discover how he went from being a military linguist to heading up an international team of cybersecurity experts.
In this podcast we talk to TechVets volunteer Shaw, who went from operating as an Arabic linguist in the US Army to retraining in tech. We discuss how he retrained, the setbacks, the opportunities and his top tips for nailing a technical interview.
He focuses on the mantra that ‘practice makes perfect’ and the value of finding a mentor before putting yourself forward for technical interviews. If you’re interested in accessing the TechVets community, join as a member and jump onto our Discord channel. You’ll find experts on hand who were once in your position and are ready and willing to guide you towards the right training, review your CV and prep you for those all-important interviews.
Listen to Shaw’s top tips in full:
What is a threat hunter?
A Microsoft threat hunter is a security expert who proactively searches for and identifies threats to an organisation’s IT infrastructure. They use a variety of tools and techniques to identify malicious activity, including:
- Log analysis: Analysing logs from firewalls, intrusion detection systems, and other security devices can help identify suspicious activity.
- Network monitoring: Monitoring network traffic for unusual patterns can help identify malicious activity.
- Vulnerability scanning: Scanning for known vulnerabilities in software and hardware can help identify potential targets for attackers.
- Social engineering: Social engineering attacks can be used to gain access to sensitive information or systems. Threat hunters draw on their knowledge of social engineering techniques to identify and mitigate these attacks.
Once a threat has been identified, threat hunters will work to investigate and mitigate it. This may involve:
- Containment: Isolating the affected system or device to prevent further damage.
- Eradication: Removing the malicious code or activity from the system or device.
- Remediation: Restoring the system or device to its previous state.
- Mitigation: Implementing measures to prevent similar attacks from happening in the future.
Threat hunting is an essential part of any organisation’s security program. By proactively searching for and identifying threats, threat hunters can help organisations prevent and mitigate attacks.
Here are some of the benefits of threat hunting:
- Proactive security: Threat hunting allows organisations to take a proactive approach to security by identifying and mitigating threats before they can cause damage.
- Improved visibility: Threat hunting can help organisations gain better visibility into their security posture by identifying threats that may not be detected by traditional security tools.
- Reduced risk: Threat hunting can help organisations reduce their risk of being attacked by identifying and mitigating threats before they can cause damage.
- Improved incident response: Threat hunting can help organisations improve their incident response capabilities by helping them to identify and respond to threats more quickly and effectively.
- Increased compliance: Threat hunting can help organisations increase their compliance with security regulations by identifying and mitigating threats that may violate regulations.