Thanks everyone for the encouraging comments on my first post and for taking the time to let me know it helped you out! 😁 Now for the next edition. Hunting is a form of detection. It's not monitoring, but it is detection. So let's take a quick look at creating a detection strategy and how it can include your hunt program. Use a Lifecycle for your Story Your detection strategy needs to create a story that your senior leadership can easily understand. The Mandiant Attacker Li

A successful threat hunting program can't be a black box to the organization. The expense of such elite programs demand executives easily comprehend the value to the organization. Of course, as the program develops, executive comprehension alone will not suffice and metrics will be necessary as well, but that's a post for another day. 5 Threat Hunting Models I've begun to develop 5 Threat Hunting Models that I hope can be used to frame discussions about a threat hunting progr