Technical professionals focused on security are starting to explore the mysterious practice of "threat hunting" to improve their security monitoring and operations. This requires uniquely skilled personnel and wide-ranging data collection across the IT environment.
Table of Contents
Threat Hunting Defined
- Key Characteristics of Threat Hunting
Determine the Value of Threat Hunting for Your Organization
Build a Business Case for Threat Hunting
Consider the Types of Organizations That Succeed at Threat Hunting
Prepare Resources and Prerequisites for Effective Threat Hunting
- Information and Data
Starting Threat Hunting at Your Organization
- Starting With a Long Hunt Approach
- Starting With an Ad Hoc Hunting Approach
- Starting With a Service Provider Approach
Categories of Malicious Activities to Look For
Additional Usable Threat-Hunting Examples
Build Threat-Hunting Processes and Workflows
- Security Hunting Process
- Hunting and Other Security Processes
Beware of Threat-Hunting Pitfalls and Cautions
- Threat Hunting Defined
Gartner Recommended Reading