From the course: Complete Guide to Cybersecurity: A Practical Approach

Introducing the threat hunting process

- [Instructor] Let's go over what is threat hunting, and what is a threat hunting process? Basically, threat hunting is a proactive practice where you actively search for signs of malicious activities or potential threats within a network that traditional security tools like firewalls, intrusion detection systems, or antivirus software cannot detect. Now it goes beyond the automated alerts that you have in a security operation center. Basically, you may have security operation center analysts, and I'm going to draw here the three tiers of a typical security operations center, tier one, tier two, and tier three. Typically, threat hunting is performed by a senior analyst, probably a tier three analyst in a security operations center, or it may be done by a separate team, and you may have a threat hunting team. I'm just going to put here THD for short. And in this case, you know, depending on the size of the organization and the resources, you may have a completely separate team of…