Hunting for a Standard Methodology for Threat Hunting Teams
Previous SANS Threat Hunting surveys examined the methods organizations used to conduct threat hunting; this year, the focus shifted to exploring how organizations develop their threat hunting methodologies and maintain them over time. This includes reviewing how those methodologies influence the selection of tools and technology and how organizations decide how to staff their threat hunting teams.
Based on this year’s survey, decision-makers now recognize the importance of threat hunting. Many respondents want to improve threat hunting operations. Over the coming years, the demand for skilled staff will continue to increase, which is the main reason for threat hunting challenges.
Key findings in this whitepaper from certified SANS instructors Mathias Fuchs and Josh Lemon include:
- 51% of respondents consider their threat hunting as still maturing
- 68% of organizations measuring their threat hunting saw an increase of between 25% and 75% in the overall security posture of their organization
- 47% of organizations that threat hunt have noticed an improvement in the accuracy of threat detections and fewer false positives
Download the paper to find out how your peers are moving their threat hunting operations forward.