Threat hunting and advanced analytics are cornerstones of any information security organization’s path to maturity. To employ a strategy in this arena effectively, there needs to be participation at all levels of the organizational structure. Consequently, we believe the practitioners, managers, and executives directly responsible for the company’s cyber security mission need a unified perspective on which security problems deserve advanced analytical attention, what the data needs are, what execution looks like, and to what end. We can help bring all participants into the fold, train them on a unified strategy and real advanced tactics, and create an undercurrent of belief that leads to fuller engagement of all involved parties.
Questions we’d love to answer:
I think I want to start a hunting program, but I know I need trained people and a strategy to do this; can you help us?
How do I start doing advanced analytics to find the most worrisome threats on my network; who do I need to hire to make that happen?
I don’t think I can just buy a tool to enable a hunting program; can you help my entire staff understand where people, process, technology, and playbooks come into play to enable hunting?