Threat Hunting is Growing Up in the SOC, Study Finds


by Bricata

Some 40% of cybersecurity organizations say they conduct threat hunting today, according to the 2018 Threat Hunting Report by Cybersecurity Insiders. While that’s just a 5% bump over the same survey conducted last year, the survey also found six out of every 10 respondents say their organizations have plans to build out threat hunting programs over the next three years.

While the concept of threat hunting is still relatively new, the survey this year suggests threat hunting has gained considerable traction. Indeed, 84 percent of those surveyed agreed “that threat hunting should be a top security initiative.”

We are keenly interested in the trends that are shaping threat hunting, so we’ve culled through data to surface the following three points we think our community will find interesting.

1) The purpose of a threat hunting program

Threat hunting is the process of seeking out adversaries on a network that are sophisticated enough to evade conventional detection techniques. This survey found that’s the top challenge facing the security operations center (SOC):

39% said emerging or advanced threats are missed by traditional security tools; and 55% said detecting advanced threats – known and unknown – is the top challenge.

That’s a straightforward case for establishing a threat hunting program and the study suggests clearly defined goals fall right into place. The top goals respondents identified for their threat hunting programs are as follows:

56% said “reducing exposure to external threats;” 52% said “improving speed and accuracy of threat response;” and 49% said “reducing the number of breaches.”

While it wasn’t part of this survey, credible threat hunting experts have noted that threat hunting programs serve additional purposes. For example, the knowledge of the technology environment that is gained in the process of threat hunting can be used to improve static detection and overall defenses.

In addition, threat hunting programs can also serve as a valuable professional development tool that doubles as a recruiting and retention benefit. While that’s an ancillary benefit to reducing threats, it’s worth highlighting given the cybersecurity talent shortage the industry is facing.

To read the entire post, please click here.

About Bricata
Bricata is a cybersecurity solutions provider that combines a powerful network threat hunting platform into a comprehensive threat detection and prevention solution to help determine the true scope and severity of threats. Bricata simplifies network threat hunting by identifying hidden threats using specifically designed hunting workflows that use detailed metadata provided clearly, and eases your transition from the known to unknown malicious activities in conjunction with an advanced threat detection and prevention platform which detects zero-day malware conviction.
