Understanding Threat Hunting from Inside Organizations
Previous SANS Threat Hunting Surveys focused on how threat hunting is seen inside an organization, how they approach it, and the concepts behind the benefits of using threat hunting. The 2020 survey did cover those topics, but also looked at how organizations are applying threat hunting in their environments and how they stay on top of threat actors. Also reviewed were the tools and techniques being used by organizations and if that has changed over time.
In this webinar, certified SANS instructors, Mathias Fuchs, and Joshua Lemon review the survey findings and cover these key topics:
- How do hunters conduct their searches for signs of a threat or indicators of compromise not yet detected by other security systems?
- Are they regularly checking on known threats targeting misconfigurations and other vulnerabilities?
- Do they find value in looking for totally unknown attack types?
- What type of access do hunters have to detection and response teams and for what purposes?
- Does their automation match with what the human operators need to assist in their hunts?
Make threat hunting useful for your organization and watch the on-demand webinar.