Threat Hunting

Definition

What is Threat Hunting?

Threat Hunting is a proactive process aimed at locating and identifying advanced or sophisticated threats that have not been detected through automated security measures alone. This is an active approach where information security experts use techniques, tools, and professional knowledge to identify signs of attacks, suspicious activities, or the presence of attackers in the organization’s systems.

Threat Hunting helps organizations improve their defense capabilities by identifying, at an early stage, sophisticated threats that could bypass existing security measures, thereby minimizing damage and enhancing the system’s resilience against cyberattacks.

It is important to note that Threat Hunting is a proactive process for finding attackers or malware, unlike Digital Forensics, which is carried out during and after an event as part of the incident response plan (IRP).

You may also find interesting

Network Access Control

Intrusion Detection and Prevention System
