Training: How to threat hunt

Jan Kaastrup, CTO at CSIS shares how they use LogPoint to threat hunt on network

Enjoy Full Access To LogPoint Training

Access the training

According to the 2020 Verizon Data Breach report, more than 25% percent of breaches took months or longer to discover.

Threats are continually changing and becoming more sophisticated, making it impossible to buy a tool that detects every potential cyberthreat. You can help protect your business by taking a proactive approach to threat hunting. According to the 2020 Verizon Data Breach report, more than 25% percent of breaches took months or longer to discover. Months inside the network is more than enough time to cause damage to any organization. Threat hunting is a proactive way to uncover advanced threats that are difficult to detect using automated security systems. 

Organizations primarily use cyber threat hunting to detect top-tier attackers, such as advanced persistent threats from state-sponsored groups. Government-backed attacks are covert and persistent. They aim to maintain a foothold in the network for a longer period of time so as not to cause significant disruption that automatic security systems can detect. Undetected, state-sponsored attackers can snoop around the network looking for confidential material or login credentials that will allow them to move laterally through the environment. Threat hunters actively look for evidence of active, covert threats in the IT environment. Successful threat hunters are experienced security analysts who are backed by threat hunting tools and have established security operations and response capabilities.

Access the training