THE IMPORTANCE OF DEFINING THREAT HUNTING
The practice of cyber threat hunting continues to generate a great deal of discussion as organizations seek new ways to enhance their defensive capabilities.
As the attack landscape continually grows, many security teams have found that the traditional approach of monitoring and responding to alerts is no longer scalable.
Instead, a forward-thinking search for attackers and weaknesses is necessary to prevent compromises from escalating beyond recovery. For as long as humans have engaged in warfare, the strongest armies have not only focused on strong offensive capabilities, but also actively patrolled their defenses looking for signs of attack and methods of improvement. It has long been a common practice to continually assess your security posture for failures and opportunities to advance.
Now, as battlefields evolve into the modern cyber terrain we strive so hard to defend, this approach has evolved with them in the current wave of cyber threat hunters. Security-conscious organizations know that the strongest defenses can no longer position themselves as purely reactive. They must instead seek out the undetected, identifying the unpredictable before an attack can evolve beyond their control. Therefore, it is important that we move beyond the buzzwords and hype and instead set realistic expectations for what a threat hunter is and what they can achieve.