Threat Hunting in Action: SANS 2018 Survey Results, Part II
Cyber threat hunting, once the job of only highly trained specialists, is maturing and growing more operationalized. While cyber threat hunting will always require the knowledge, critical thinking and skills of seasoned professionals, hunting capabilities are becoming more automated and integrated into overall SOC functions.
In this webcast, SANS Threat Hunting and Incident Response Curriculum Chair Rob Lee will discuss how threat hunting has matured during the past three years, including:
- Whether or not organizations are integrating their threat hunting activities with cyber threat intelligence (CTI)
- Benefits and drawbacks of integrating with CTI
- Improvements made on gathering endpoint threat intelligence collection (which was a weak point among respondents to our 2017 survey)
- Best and worst technologies, standards and processes for hunting
- Specific examples of hunts filled in by respondents
Register for Part I of this webcast, \Threat Hunting Is a Process, Not a Thing," here.
Results will initially be discussed at the SANS Threat Hunting and Incident Response Summit on September 6-7. Full whitepaper developed by Rob Lee will be available on the day of the live webcast.
.png "Anastasia Sentsova")
