PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
June 2017, Vol. 19, No. 5

Report: Threat hunting is more SOC than intel

Threat hunting is found mainly at larger enterprises in a handful of industries. A 2017 threat hunting survey of 306 IT and security professionals by the SANS Institute indicated that, at many organizations, the process is new and poorly defined. Hunting programs are more likely in financial services, high tech, military or government institutions and telecommunications sectors, as well as companies that "have been heavily targeted in the past," according to SANS Institute researchers. The survey found that many organizations did not have security programs that were mature enough to support threat hunting capabilities. Less than half of respondents, 45%, said their process is largely ad hoc and dependent on what they need; 27% indicated they have defined their own hunting methodology; and 16% do not do any threat hunting. According to SANS, many organizations need more mature threat intelligence capabilities in their security operations centers (SOCs) before they can benefit from hunting practices. Trained threat hunters ...

Features in this issue

Columns in this issue

Enterprise Desktop
Cloud Computing