A threat hunter generates a report containing the list of users who have logged in to a particular database during the last 6 months, along with the number of times they have each authenticated. They sort this list and remove any user names who have logged in more than 6 times. The remaining names represent the users who rarely log in, as their activity is more suspicious. The hunter examines each of these rare logins in detail.
This is an example of what type of threat-hunting technique?
Harley
2 months agoFiliberto
2 months agoWhitney
1 months agoCatrice
1 months agoSocorro
2 months agoCeleste
2 months agoMira
2 months agoBritt
2 months agoSelma
2 months agoVicky
3 months agoTarra
3 months agoKimberlie
3 months agoSharee
3 months agoReuben
3 months agoCeleste
3 months agoSean
3 months agoWenona
2 months agoFrank
2 months agoGaston
3 months agoDwight
3 months agoClay
4 months agoNobuko
2 months agoJosue
2 months agoRebecka
3 months agoShawnta
3 months ago