Explore an example strategy and hypothesis, followed by an examination on what to hunt for, a look into tracking threat hunting, what are the outputs of threat hunting, and an acknowledgement of the current limitations of threat hunting publicly available.

The Challenge – In our last white paper ‘The Fundamentals of Threat Hunting. Hunt Like a Pro’ we brought to light the fact that most organisations had a very limited understanding of what threat hunting is, and that without the right threat intelligence it is practically impossible to know what information is available across all digital platforms. Especially regarding business information and data. In fact, we concluded that most organisations are unaware of who or what is targeting them at any given time. And what organisations do know, often gets confused with other areas of detection and response.

In this paper, we take this discussion a step further to provide a checklist of:

Key questions analysts must ask when implementing threat detection.
Key questions management must ask when implementing threat detection.
An exploration of an example strategy and hypothesis.
An examination on what we are hunting for.
Analysis of the outputs of threat hunting and current limitations.