David Bianco's Blog Posts

David Bianco

David is a member of Splunk's SURGe team, where he conducts research in incident detection and response, threat hunting, and Cyber Threat Intelligence (CTI). He is also a SANS Certified Instructor, where he teaches FOR572 Network Forensics and Threat Hunting.

Matching AI Strengths to Blue Team Needs
Security
6 Minute Read

Discover how AI and Large Language Models (LLMs) enhance cybersecurity operations for Blue Teams.
What Is Threat Hunting?
Learn
8 Minute Read

The goal of threat hunting is NOT to find more security incidents — it’s to drive continuous improvement across your entire security program. Learn more here.
Hypothesis-Driven Cryptominer Hunting with PEAK
Security
11 Minute Read

A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.
The “Why” of Threat Hunting Has Changed
CISO Circle
3 Minute Read

When hunting emerged, most organizations used it to discover incidents that their automated detection systems missed. However, as hunting has matured, we’ve come to realize that its impact goes far beyond just finding security incidents.
Measuring Hunting Success with PEAK
Security
5 Minute Read

Splunker David Bianco explains how an effective threat hunting program is one of the best ways to drive positive change across an organization’s entire security posture.
Turning Hunts Into Detections with PEAK
Security
4 Minute Read

In this post, we’re going to look at something the PEAK framework refers to as the Hierarchy of Detection Outputs.