Threat hunting and advanced analytics are cornerstones along any information security organization’s growth path to maturity. To effectively employ a strategy in this arena, there needs to be participation at all levels of the organizational structure. Consequently, we believe the practitioners, managers, and executives directly responsible for the company’s cyber security mission need to have a unified perspective of what security problem deserves advanced analytical attention, what the data needs are, what execution looks like, and to what end. We can help bring all participants into the fold, train them on a unified strategy and real advanced tactics, and create an undercurrent of belief that leads to fuller engagement of all involved parties.
Common use cases:
I think I want to start a hunting program, but I know I need trained people and a strategy to do this.
I want to start doing advanced analytics to find the most worrisome threats on my network.
I don’t think I can just buy a tool to enable a hunting program; I need help for my entire staff to understand where people, process, technology, and playbooks come into play to enable hunting.