Threat hunting is an in-demand skill within cybersecurity.
A survey of 461 security and IT professionals published last year found 84% of respondents believed threat hunting should be a top priority for their business. The same study also showed about 40% of security organizations have implemented threat hunting programs – and the other 60% have plans to do so over the next three years.
In our observation, the interest level remains high because it’s an important part of a layered defense. More specifically, threat hunting is aimed at finding sophisticated threats that have actively evaded detection by traditional tools.
At the same time, not everyone has the skills or experience to begin a threat hunting initiative. There are fundamental questions that security professionals need to answer to get started, such as:
- What is threat hunting?
- What are we trying to accomplish?
- What skills do we need?
- What tools and data sources should we use?
- How do we operationalize threat hunting?
When we see questions like that, we view it as an opportunity to support the greater cybersecurity community. That’s why we teamed up with Cybrary, the crowd-sourced learning platform, to develop the free course, Introduction to Network Threat Hunting.
The session is broken down into bite-sized lessons including the following:
- Define threat hunting and focus on the network aspects of the activity;
- Identify key pillars of setting up a successful hunt;
- Walk through the skills, process and tools for threat hunting;
- How to develop a threat hunting hypothesis for getting started; and
- Introduce some analytical techniques for identifying anomalies.
The only requirement to view this session and download the supporting resources is to sign up for a free Cybrary account. It’s worth your while, not just for this course, but also because Cybrary offers a vast array of courses that you can take to develop and grow your cybersecurity skills.
Additional Resources for Learning about Threat Hunting
Separately, we’ve also produced a growing body of resources around threat hunting which are available on this website. We thought it would be useful to curate some of those resources here as additional options for learning more about threat hunting.
- Make it Harder to Hide: 3 Techniques for Conducting Threat Hunting at Scale
- 7 Simple but Effective Threat Hunting Tips from a Veteran Threat Hunter
- Here’s What Network Threat Hunting Means, Why It Matters, and How to Get Started
- 7 Key Cybersecurity Factors Shaping Threat Hunting Technologies
Resources for understanding how Bricata supports threat hunting in our product:
- How Enhanced Network Metadata Resolution Facilitates Network Threat Hunting
- Bricata Delivers Improved Threat Hunting with Enhanced Network Metadata Resolution, Scalability, and View Customization
- 7 Security Trends Shaping Today’s Threat Detection Technology
If you enjoyed this post, you might also like:
Zeek IDS [formerly known as Bro] is One of the Most Powerful Cybersecurity Tools You’ve Never Heard Of