Most teams know that an active detection strategy is the right move, but may be unsure where to start or how to describe what the appropriate capability should be. This whitepaper provides a formalized approach to hunting.
This whitepaper contains everything from a hunting loop framework meant to facilitate hunting best practices to a hunting maturity model that provides a goal trajectory for growing your hunting capabilities from the ground up.
"Sqrrl has taken the first step to formalizing the threat hunting process. This is solid as a threat hunting framework"
Threat hunting is emerging as a critical focal area for security teams today.
New hunt teams will get a good idea of an appropriate initial hunting capability. Existing hunt teams can match their current capabilities to those described in the framework, then look ahead one step to see ideas for how they can develop their skills and/or data collection abilities to achieve the next level of maturity.
This whitepaper includes: