What is Cyber Threat Hunting?
Most threats security analysts deal with are relatively unsophisticated and can be easily detected and mitigated with standard tools and good security hygiene. But a small but growing percentage of them are advanced threats that will breach your defenses and gain a foothold in your network. After gaining that foothold, an attacker can remain hidden in your network for months as they quietly collect data, look for confidential material, or obtain login credentials that will allow them to move laterally across the environment.
This is where the cyber threat hunter fits in.
Cyber threat hunting is the practice of proactively and iteratively seeking out, tracking, and disabling the most skilled and dangerous network intruders. It is an analyst-centric process that typically starts with a hypothesis or trigger and then searches through networks, endpoints, and data to detect and isolate threats that have evaded traditional preventative controls.