Neuroscience & Security: The Default Mode Network and Threat Hunting

The brain is compromised of several neural networks. These networks, just as internet networks, traverse different regions of the brain. One network in particular that is important is the Default Mode Network (DMN). What's interesting about this network is that it is always active and processing, when your brain is not actively “doing” anything.

So when you're taking a walk, observing nature, or just people watching, this network is always running. The DMN, and many other neural networks, work on making predications based on information you have experienced in the past. That's what author, _____ presents in her book, _____. She asserts that the much of how we process our experiences is simply a set of instantaneous predictions. Sounds similar to machine learning huh?

In security when you run across a threat, you automatically make some predictions on this threat. But what will help differentiate you vs someone else are all the assumptions you make about that threat without all the information available.

Take for example an incident that says a piece of code in your CI/CD pipeline has been altered.