Threat hunting is one of the most powerful capabilities an organization can have. It enables identification of new and emerging threats in an environment, often long before other, more reactive security tools do. This reduces not only the mean time to detection (MTTD) and the attacker’s dwell time, but also the potential harm to data and systems. Despite this, organizations continue to struggle to integrate threat hunting into their security operations. This challenge often starts with understanding the types of threat hunting, and how and where to use them.
Attendees will gain valuable insights into:
- What threat hunting is, and what organizations need to do it right.
- Why “IOC Hunting” isn’t actually threat hunting at all.
- The roles of unstructured vs structured hunting, and the pros and cons of both.
- How the right content can drive more efficient threat hunting operations.