Cyber threat hunting is the process of proactively searching across networks and endpoints to identify threats that evade existing security controls.
Threat hunters are the cyber security professionals tasked with performing threat hunting. Using a combination of manual and machine-assisted techniques, threat hunters search for indicators of compromise (IOCs) across an organisation’s IT environment.
By monitoring and responding to network events, as well as activity on individual hosts, threat hunting significantly improves threat visibility. This enables hunt teams to identify unknown threats, as well as perform the forensic analysis needed to understand and break the kill chain of attacks.
Threat hunting is resource-intensive, requiring a deep understanding of cyber threats and the tools, tactics and procedures (TTPs) of criminal adversaries. Without this level of expertise, organisations risk leaving themselves exposed.