COMPLIMENTARY SANS REPORT
SANS 2018 Threat Hunting Survey Results
Companies adopt proactive strategies to combat breaches
In the last year, threat hunting has come into its own. Security is no longer about simple assessment and monitoring; today there is a strategy and a process that strive to preemptively identify and remove intruders.
Until recently, companies routinely tore apart their systems in an effort to track down human adversaries after they had infiltrated the network. Today, threat hunters actively prevent or minimize damage by identifying adversary activity earlier in the kill chain. How? It starts with threat intelligence and scalable endpoint detection technologies.
In this SANS survey, experts from SANS, Qualys and other organizations detail this new, iterative strategy. Specifically, they address:
- Characteristics of potential threats
- How to develop a threat hypothesis
- How to leverage third-party intelligence
- The role of automation in threat hunting
- Training your personnel to execute hunting operations
- Correlating threat intelligence and endpoint activity with vulnerability data and configuration hardening assessments
- Ensuring ongoing success