Why did I start CTHoW? As someone with a huge passion for information security, it is always a must to keep on top of the latest TTPs of adversaries to be able to defend your network.
I was always impressed with the MITRE ATT&CK framework, which helps the community by sharing the latest techniques attackers are using nowadays in their engagements, and how companies can defend against and mitigate these attacks to reduce the impact of a (cyber-)attack.
One of the main reasons I decided to share CTHoW was that I felt there wasn’t a clear “how-to” detect TTP <XYZ>.
It was a lot about coverage and mapping your detection techniques to MITRE ATT&CK, but let’s be honest: most SIEM solutions aren’t that mature (yet), and it wouldn’t surprise me if most SIEMs are still only collecting logs from the perimeter. CTHoW was developed to help Blue Teamers (usually SOC / Threat Hunters) improve their detection and investigation plan to have a sort of a “basic”.
Huy is an information security professional with a huge passion for Identity & Access Management. He likes to share knowledge with the community and is known for all his publications around Windows & Active Directory security.
Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group. He is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US.
Pierluigi is a member of "The Hacker News" team, and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other security magazines.
Author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".