Enterprise Threat Operations

Let our Threat Operations team stand guard

Novacoast Threat Hunting and Threat Operations services are designed to deliver proactive threat detection within customers' environments.

What we do

Threat Hunting and Threat Operations

Novacoast's Threat Operations service provides active threat hunting across an organization's endpoints. The services are provided by Novacoast's Threat Operations Team (TOPS), a group of cyber security intelligence researchers, threat hunters, EDR experts, and incident responders. On we weekly basis the team:

• Gathers intelligence across the threat landscape.
• Includes industry specific threat intel.
• Prioritizes intelligence into a list of targeted threat hunts.
• Creates and test hunt queries.
• Performs hunts.
• Escalates any hits and provides remediation guidance.
• Leave behind watch list or alarms where the tooling allows.

Hypothesis Creation and Threat Hunt Creation

The Novacoast Threat Operations team relies on a combination of threat intelligence, environmental knowledge, past incidents that impacted the Customer, as well as their familiarity with Mitre Att&ck to define hypothesies—assumptions and theories about potential threat activity and compromise currently existing in the environment. Using these hypothesies, the Threat Operations team crafts a Threat Hunt—a series of activities that can be used to prove or disprove the existence of these threats.

Threat Hunt Activities and Reporting

Novacoast Threat Operations team execute these threat hunts regularly then communicate this information back to the customer through formal reporting. Critical findings can be communicated more urgently, while less critical information is delivered through a regular reporting cycle.