We’ve published this guide to provide a clear understanding of what threat hunting is and what it isn’t.
The security vendor community often makes this confusing by using the term to describe things that aren’t truly threat hunting.
We at CybeMaxx define threat hunting as:
Threat hunting is a proactive, human-led pursuit, guided by threat intelligence, that seeks to discover adversary activity that has evaded existing security controls. Its goals are to reduce dwell time, minimize the negative impact of security incidents on the business, reduce the attack surface, and improve overall security posture.
The goal of this guide is to help organizations cut through this noise and create a threat hunting function that is comprehensive, effective, and seamlessly integrated with an equally effective detection and response motion.
What’s included:
- The four definitive pillars of effective threat hunting
- Insights into threat hunting, MDR and the Risk Reduction Flywheel
- Anatomy of a successful threat hunt
Meet the Author
Jeremy Wiedner
Principal Analyst, Jeremy on LinkedIn
Jeremy has over 10 years in the cybersecurity industry and has excelled in both technical and leadership roles. He has mentored, trained, and led both local and remote teams. He leverages his investigative skills honed over his years in law enforcement in his role as a Security Operations Center Analyst.
He is a technical leader who can fill in for his team members in both Security Analyst and Threat Hunting capacities when needed. Throughout his various roles, he has gained knowledge of adversary Tactics, Techniques and Procedures (TTPs) as well as how to use that knowledge to protect clients. He is currently taking a course on “Hunting Adversary Infrastructure” to stay current on the latest adversary TTPs.
Jeremy applies his knowledge of adversary TTPs, together with the skills gained through his three SANS certifications, to protect his assigned clients. He also applies these skills and knowledge to train and upskill the other threat hunters.