Threat hunting is the active search for “unknowns or lurked threats”: new and novel attack behaviours that can evade automated methods of prevention and detection.
Studies show that, on average, it takes 10 days to detect an advanced threat, 39 days to mitigate it and 43 days to recover from an advanced attack. While the ability to stop advanced threats improves each year, we face adversaries who are determined and creative in their approach, and their techniques evolve just as quickly. So it is hard to defend what you can’t see and understand using traditional security controls.
This situation raises a few questions:
- When prevention fails, what do we have left to defend our organizations?
- How can we discover gaps as fast as possible?