Enterprise cyber-security in 2016 means going on the offensive. Perimeters are penetrated constantly, both internally and externally.

Building an effective threat-hunting team can improve a network’s defense quantifiably, in part by freeing security operators from being inundated with alerts and focusing teams on investigating the real potential threats in their network.

Defining the roles and responsibilities related to hunting is an important part of hunt preparation and executing a successful hunt philosophy.

The hunt team itself is usually made up of Tier-3 security operations center (SOC) personnel and incident responders, but many other individuals and teams must also be involved, as hunting can’t succeed without their participation. However, building a hunt team doesn’t necessarily mean adding to your security budget. While some enterprises may have dedicated hunt teams or add third-party solutions to their security operations, there are low-budget or no-budget ways to reposition your existing team as an effective threat-hunting unit.

In this eWEEK slide show, Endgame Chief Technology Officer Jamie Butler explains how to build a hunt team and what to consider during the process.

Endgame provides cyber-security and ransomware security software.
