Hunting For Supply Chain Compromise When to Use - When proactively hunting for indicators of hunting for supply chain compromise in the environment - After threat intelligence indicates active campaigns using these techniques - During incident response to scope compromise related to these techniques - When EDR or SIEM alerts trigger on related indicators - During periodic security assessments and purple team exercises Prerequisites - EDR platform with process and network telemetry (CrowdStrike, MDE, SentinelOne) - SIEM with relevant log data ingested (Splunk, Elastic, Sentinel) - Sysmon deplo…