About
Threat hunting is fast becoming the biggest asset for any information security team. To reduce dwell time, threat hunters apply the scientific method, developing hypotheses about attacker behavior and testing them. Hunters do not rely on previously uncovered indicators of compromise (IoCs) but rather develop hypotheses based on their extensive knowledge of attackers’ tactics, techniques, and procedures (TTPs) as well as personal experience in handling incidents. This proactive approach helps security teams catch cybercriminals off guard and take them down.
Threat hunting adds to the offensive capabilities of information security teams, capabilities that are gradually becoming commonplace worldwide.
Group-IB’s Threat Hunter course explores what makes a good threat hunter and the techniques they use to put forward successful hypotheses.