
Gartner: My “How to Hunt for Security Threats” Paper Published


My mini-paper on threat hunting is out! Review “How to Hunt for Security Threats” (Gartner GTP access required) and provide feedback here.

The abstract states “Technical professionals focused on security are starting to explore the mysterious practice of “threat hunting” to improve their security monitoring and operations. This requires uniquely skilled personnel and wide-ranging data collection across the IT environment.”

As usual, a few fun quotes follow below (but really, the entire thing is very fun!):

  • “Threat hunting helps with threats that bypass both preventative and detective controls, and enables organizations to uncover threats that would otherwise remain hidden. Hunting success relies on a mature security operations center (SOC) and cyberincident response team (CIRT) functions.”
  • “For most organizations, hunting becomes an option after they have maximized their alert triage and detection content development processes and matured their security incident response functions, but still need to look beyond additional incremental improvements.”
  • “One organization reported that, for it, hunting is a way to flip the age-old security maxim, “the defender needs to close all holes, but the attacker needs to just find one hole to get in.” Specifically, with hunting, an attacker’s sole mistake is likely to lead to their discovery and removal, while the defender can cast its net many times to find the mistake.”

Read the entire article here, My “How to Hunt for Security Threats” Paper Published

via the fine folks at Gartner

Gartner Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. The company delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the valuable partner to clients in approximately 10,000 distinct enterprises worldwide. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, USA, and has 8,300 associates, including more than 1,800 research analysts and consultants, and clients in more than 90 countries. For more information, visit www.gartner.com.