SANS White paper: Automating the Hunt for Hidden Threats
Organizations make the news and incur significant fines not because attackers succeed, but because they do not hunt for breaches and cannot detect and contain them in a reasonable period. This white paper defines the process of automating the hunt for threats and discusses how to deploy a continuous threat-hunting process while preparing a team to analyze threats to protect critical processes and data. It dives deeper into:
- Why do we need to hunt?
- How the Hunt cycle disrupts the Kill Chain
- The keys to a successful hunt platform