SOC Experts Community - Beta
0 like 0 dislike
in SIEM by (2.2k points)

1 Answer

0 like 0 dislike
by (5k points)
Most organizations retain dark data only for compliance purposes. Identifying dark data totally depends on the privileges you have. However, if there is enough access, you can hunt the log files (server, customer etc.), data archives or even repositories.

Not to mention, just before you even start, understanding the value of dark data (unstructured and not collected) is important as the overheads along with analysis could get risky.

Hope this helps :)

SOC Experts - No. 1 Job Oriented Cybersecurity Training Program

View our Courses