Organizations are constantly being challenged by an increasing number of cybersecurity threats. As the severity and frequency of attacks rise, there is a call for a more proactive approach: threat hunting.
Threat hunting incorporates tools-based and human-driven detection to fend off computer-related cyberattacks. This is rapidly becoming a key function for modern security operations centers (SOCs) that employ cybersecurity “hunters” to spot suspicious behavior within areas of a network and, through threat analysis, prevent or uncover security incidents or weaknesses that might otherwise go undetected.
“Proactive threat hunting” is one of the newest offensive strategies that Managed Services Providers (MSPs) and enterprises alike are employing, and it is proving to be a great threat intel gathering method. Consequently, more organizations now have a dedicated threat-hunting platform in place to address emerging cyber-related threats. In fact, the 2018 Threat Hunting Report from Cybersecurity Insiders (sponsored by Alert Logic) shows “60% of organizations surveyed are planning to build out threat hunting programs over the next three years.” In doing so, “more organizations are moving away from traditional reactive security while incorporating threat hunting techniques in their cybersecurity strategy.”
Threat hunting is quickly becoming a favorite in many companies’ security programs, as it ensures a level of situational awareness that other methods might not reach so quickly. Setting up a threat-hunting framework can be highly effective in protecting critical infrastructures against cyberthreats and any suspicious activity, incidents and vulnerabilities. Hunters can assess risks and test security controls.
If adding threat hunters to a team or training existing personnel is not an option, companies are also considering Threat Hunting-As-A-Service (THaaS) to reap the benefits of services such as “hunting health checks” without adding HR overheads. Getting started is often deemed one of the toughest parts of hunting, so employing ...
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Daniel Brecht. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/KNY3HDL9lKU/