July 12, 2018
Kris Palmer

The Gamer Theory of Threat Hunting

<p><em>Teamwork. Determination. Satisfaction.</em> Video gaming missions provide us with an escape from reality that is often viewed as simple and relaxing. However, the dedication required to conquer these complex missions goes largely unnoticed. The copious, and often draining, amounts of effort and cooperation applied to these missions is rewarded by overcoming the obstacles and completing the challenge. The teamwork, determination, and satisfaction of gaming missions are characteristics also visible in a unique approach of defense in the cybersecurity industry—threat hunting.</p><p>As hackers continue to bypass perimeter defense strategies, many organizations are shifting to iterative hunting exercises supported by threat intelligence operations. Threat hunting is based on the hypothesis that threats are actively adapting to and eluding defenses. The similarities that can be drawn between threat hunting and video gaming stem from the nature of their task: overcome obstacles to achieve an objective.</p><p>In gaming missions, the difficulty of challenges is programmed, largely remaining unchanged. With repetition, one only gets better and more likely to succeed. Similarly, individual threat actors often use the same set of proven techniques over time. By creating an iterative hunting process involving a threat intelligence ecosystem, hunters optimize threat response speed and success.</p><p>Still, the dynamic nature of threat actors makes hunting uniquely different to gaming in the aspect of difficulty. Threat hunters are tasked with identifying changes in attack trends and subsequently building threat model profiles of entities they encounter. While more static in nature, gaming missions require similar planning and collaboration between team members in order to achieve their goal.</p><p>Ultimately, the comparison between video gaming and threat hunting highlights their substantial correlation. Both require teamwork, determination, and ample effort in order to achieve an objective. All of this effort and coordination toward overcoming obstacles, from difficult levels to elusive threats, is rewarded with the satisfaction of success. For more information on this unique approach to cybersecurity and why we call it “hunt gaming,” check out my whitepaper, <a href="https://www.anomali.com/resources/whitepapers/threat-hunt-gamer-primer?cid=7011Y000002F8gj" target="_blank">The Gamer Theory of Threat Hunting: A Unique Approach</a>.</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.