Cyber threat hunting, once the job of only highly trained specialists, is maturing and growing more operationalized. While cyber threat hunting will always require the knowledge, critical thinking and skills of seasoned professionals, hunting capabilities are becoming more automated and integrated into overall SOC functions.
In this webcast, SANS Threat Hunting and Incident Response Curriculum Chair Rob Lee will discuss how threat hunting has matured during the past three years, including:
- Whether or not organizations are integrating their threat hunting activities with cyber threat intelligence (CTI)
- Benefits and drawbacks of integrating with CTI
- Improvements made on gathering endpoint threat intelligence collection (which was a weak point among respondents to our 2017 survey)
- Best and worst technologies, standards and processes for hunting
- Specific examples of hunts filled in by respondents