SANS White Paper: Automating the Hunt for Hidden Threats

Organizations make the news and incur significant fines not because attackers succeed, but because they do not hunt for breaches and cannot detect and contain them in a reasonable period. This white paper defines the process of automating the hunt for threats and discusses how to deploy a continuous threat-hunting process while preparing a team to analyze threats to protect critical processes and data. It dives deeper into:

  • Why do we need to hunt?
  • How the Hunt cycle disrupts the Kill Chain
  • The keys to a successful hunt platform