Table of Contents
IDC PlanScape Figure
Figure: IDC PlanScape: Executive Summary of Threat Hunting
Why Is Threat Hunting Important?
Attackers Are Increasingly Sophisticated
Computing Environments Are More Complex
Most Attacks Go Undetected for Extended Periods of Time
Threat Hunting Puts Teeth Behind "Assume You Are Already Compromised"
What Is Threat Hunting?
What Do Threat Hunters Search For?
Threat Hunting Systematizes and Automates Hunches
Figure: Interest in Threat Hunting, 2010-2017
Apply Threat Intelligence Solutions in a Practical Way
Who Are the Key Stakeholders?
Table: Key Stakeholders
How Can My Organization Take Advantage of Threat Hunting?
Begin with What You Already Have
Use a Risk-Based Approach
Don't Operate in a Vacuum
Integrate with the Security Operations Center to Increase Visibility
Think Like an Attacker
Figure: Cyber Kill Chain
Consider Using Managed Threat Hunting Services
Figure: Essential Guidance for Effective Threat Hunting