SANS 2019 Threat Hunting Survey:

The Differing Needs of New and Experienced Hunters

In this year’s survey, we explore how threat hunting teams are tasked in an environment, where they hunt and how they hunt. 

Key findings:

  • Threat Hunting thumbnail

    35% create hypotheses to drive their threat hunting efforts.

  • 56% use threat intelligence to hypothesize where attackers may be found.

  • 34% of hunters have major responsibilities for managing SOC alerts; 26% perform IR and forensics of current breaches.

  • 71% indicate technology is the first or second focus of their threat hunting resources, followed by staffing (47%) and training (41%).

  • 61% report at least an 11% measurable improvement in their overall security posture.




Copyright © 2019, ThreatQuotient, Inc. All Rights Reserved.