Cybersecurity leaders are engaged in a difficult arms race against the threat actors who seek to attack their organizations. They recognize that passive controls and existing security technologies are limited in terms of what kinds of malicious activity they can uncover and how quickly and efficiently they can do so.
In contrast, threat hunting is the proactive approach of uncovering the threats that linger within the environment. Threat hunting provides a second level of defense, intended to address gaps in the overall cybersecurity architecture by finding and disrupting attackers that have evaded the organization’s automated defenses.
The purpose of this paper is to introduce an effective framework and methodology to threat hunting that enables SecOps teams to plan and conduct hunts that maximize the opportunity to successfully find and disrupt attacks in progress.
Sponsored by ChaosSearch
Individual, Student, and Team memberships available.