Five myths and truths about threat hunting

Noora Hyvärinen

10.02.20 2 min. read

Threat hunting is a hot new term in the cyber security world, but it’s not always used consistently. The term can be employed loosely – or even opportunistically – to refer to things other than the process of actively hunting potential threats. Some traditional security operations services have been rebranding what they already do as “threat hunting” without any improvement in the outcomes they deliver. So, what really is threat hunting?

Threat hunting is the process of discovering gaps in your detection coverage before a real attacker does. The gaps can be closed before an attacker makes use of them.

Threat hunting is the practice of assuming that an organization has been compromised. This includes understanding how an attacker would think and then using that to infer the techniques that an attacker would use to compromise the organization. Once the threat hunter has identified the techniques an attacker would have used, they can then create detection use cases that can be automated to improve the organization’s detection coverage.

Threat hunting isn’t the only thing needed to effectively defend against an attacker – it needs to work hand in hand with security operations. Countercept has developed Continuous Response, which combines detection and response operations into a single methodology to cut down the response gap and enable an immediate response to any attack. When conducted properly, threat hunting and continuous response are integrated activities, each one constantly feeding into and improving the other.

To clear up what threat hunting really is – and what it really isn’t – we’ve created an infographic called “Myths and Misconceptions About Threat Hunting.”

The infographic is from a new paper published by F-Secure Countercept: “Demystifying Threat Hunting”, intended to highlight common myths and misconceptions around the term. The paper also looks at what threat hunting means to actual practitioners and how it applies to the concept of Continuous Response. The paper describes what makes good threat hunting practice, and what tools need to be made available to threat hunters so they can excel at their task. Finally, the paper looks at emerging trends and offers some predictions about the future of threat hunting.

“Demystifying Threat Hunting” is a must-read for anyone who wants to understand new developments on the defensive side of cyber security – and especially for anyone who wants to understand what threat hunting really means.
