By using this site, you agree to the IDC Privacy Policy

Nov 2017 - IDC PlanScape - Doc # US43208717

IDC PlanScape: Threat Hunting

By: Mike ChappleAdjunct Research Advisor

Table of Contents

IDC PlanScape Figure

Figure: IDC PlanScape: Executive Summary of Threat Hunting

Executive Summary

Why Is Threat Hunting Important?

Attackers Are Increasingly Sophisticated

Computing Environments Are More Complex

Most Attacks Go Undetected for Extended Periods of Time

Threat Hunting Puts Teeth Behind "Assume You Are Already Compromised"

What Is Threat Hunting?

What Do Threat Hunters Search For?

Threat Hunting Systematizes and Automates Hunches

Figure: Interest in Threat Hunting, 2010-2017

Apply Threat Intelligence Solutions in a Practical Way

Who Are the Key Stakeholders?

Table: Key Stakeholders

How Can My Organization Take Advantage of Threat Hunting?

Begin with What You Already Have

Use a Risk-Based Approach

Don't Operate in a Vacuum

Integrate with the Security Operations Center to Increase Visibility

Think Like an Attacker

Figure: Cyber Kill Chain

Consider Using Managed Threat Hunting Services

Essential Guidance

Figure: Essential Guidance for Effective Threat Hunting

Related Research


Related Links