2023 SANS Threat Hunting Survey Focusing on the Hunters and How Best to Support Them
Speakers: Mathias Fuchs & Josh Lemon (SANS), John Gamble (Corelight)
As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect.
This year, our survey will focus on the hunters themselves and how their organizations support threat hunting. Are hunters asked to complete multiple tasks at once? How much focus is given to threat hunting compared with other cybersecurity tasks? We look further at the skills that threat hunters must hone as they are just starting out and to skillsets of those who have been hunting for many years.
We will also compare year-on-year trends to see how organizations have shifted their perspectives on threat hunting.