Threat hunting is a cyber defense activity that’s fully focused on identifying threats early on. Detecting new campaigns through continuous threat hunting can save your company a lot of time and money.
The current state of threat hunting
Threat hunting as a dedicated practice is a relatively new concept. The SANS Institute surveyed a group of respondents who were using threat hunting programs and found:
- 75% reduced their attack surface after taking a more aggressive threat hunting stance
- 59% believe threat hunting made their incident response efforts faster and more accurate
- 52% found previously undetected threats using threat hunting
However, it wasn’t all sunshine and roses. SANS also found:
- Four out of ten respondents did not have a formal threat hunting program in place
- 88% believe threat hunting programs need an upgrade
Old-fashioned techniques such as antivirus and firewalls aren’t enough to protect your corporate IT infrastructure.
Previously, SOC teams would thoroughly analyze each threat and prepare an extensive report. Time-to-remediation using this process was typically around 48-72 hours. Modern cybersecurity can no longer afford to be reactive, slow, and alert-driven. You need to be proactive and fast.
The Netenrich Solution
Netenrich’s threat hunting capabilities represent the next jump in cyber warfare. Our proprietary threat intelligence performs active threat hunting by continuously crawling the web and stitching together associated IOCs. Upon detecting a high frequency of similar IOCs, we start looking for historical context to make sense of the findings.
Netenrich then immediately notifies your SOC about the potential threat. Your team gets everything it needs to strengthen your attack surface.