What is threat hunting?

Why threat hunting?

We need to conduct these threat hunting activities regularly to uncover the possible security threats to our information system. Because there can be zero-day vulnerabilities also. After we have discovered any kind of threat, we need to inform them to the liable authorities who can take action and mitigate them. By following this procedure we can secure our information system and it is an important step for information security.

Figure 2 — threat hunting cycle

What is the threat hunting cycle?

This threat hunting is never ended and we need to conduct it regularly as this is a cyclic process. It begins with the hypothesis which describes there is a possible threat in our information system which we need to uncover. So, creating a hypothesis is the first step.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store