PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

June 2017, Vol. 19, No. 5

Report: Threat hunting is more SOC than intel

This article is part of the Information Security issue of June 2017, Vol. 19, No. 5

Threat hunting is found mainly at larger enterprises in a handful of industries. A 2017 threat hunting survey of 306 IT and security professionals by the SANS Institute indicated that, at many organizations, the process is new and poorly defined. Hunting programs are more likely in financial services, high tech, military or government institutions and telecommunications sectors, as well as companies that "have been heavily targeted in the past," according to SANS Institute researchers. The survey found that many organizations did not have security programs that were mature enough to support threat hunting capabilities. Less than half of respondents, 45%, said their process is largely ad hoc and dependent on what they need; 27% indicated they have defined their own hunting methodology; and 16% do not do any threat hunting. According to SANS, many organizations need more mature threat intelligence capabilities in their security operations centers (SOCs) before they can benefit from hunting practices. Trained threat hunters ...

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate Email Address.
You forgot to provide your first name.
You forgot to provide your last name.
You forgot to provide a job title.
You forgot to provide a company name.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

Experian's Tom King tackles role of CISO from the ground up
by Alan R. Earls
An early career as a geologist helped the veteran financial services CISO thrive in the security field. The CISO role is now broader than technical functions, he says.
Verizon DBIR 2017: Basic cybersecurity focus misplaced
by Michael Heller
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017.

Columns in this issue

Report: Threat hunting is more SOC than intel
by Kathleen Richards
Threat hunting is driven by alerts with less emphasis on cyberthreat intelligence, according to researchers. Yet 60% of those surveyed cited measurable security improvements.
Wendy Nather: 'We're on a trajectory for profound change'
by Marcus J. Ranum
This former CISO talks about her uncharted path from international banking to industry analysis. What's next for infosec? We ask the security strategist those questions and more.

View Information Security Archives

Access your Pro+ Content below.

Report: Threat hunting is more SOC than intel

Features in this issue

Experian's Tom King tackles role of CISO from the ground up

Verizon DBIR 2017: Basic cybersecurity focus misplaced

Columns in this issue

Report: Threat hunting is more SOC than intel

Wendy Nather: 'We're on a trajectory for profound change'