SANS Report:
Threat Hunting - Open Season on the Adversary


Overview

In 2016, three absolute facts are relevant when it comes to security: 1) an organization cannot prevent all attacks; 2) an organization’s network is going to be compromised; and 3) 100% security does not exist. This means that adversaries will breach your organization’s protection—if they haven’t already. The goal of security, then, is not just to stop adversaries, but also to control and minimize the overall damage from an incursion. The main method for finding adversaries already in our networks is threat hunting—an area on which security personnel are increasingly focusing their attention.

Findings:

  • What threat hunting entails 
  • What pitfalls stand in the way of attaining actionable results 
  • What organizations are discovering through threat hunting 
