Threat Hunting and Incident Response
November 26, 2019 | 1 min read
BlueVoyant
In today’s distributed IT environments, proactive security strategies are critical to quickly identifying and mitigating threats. For that reason, any evaluation of an MSSP must include its threat hunting capabilities. This is not always easy to do, because the true test of threat hunting is to see it in practice. A good threat hunter thinks like a hacker and draws on multiple sources of proprietary and open-source threat intelligence to inform their process as they identify and respond to threats.
To find out more about the challenges involved in effective threat hunting, Mighty Guides sent the following survey question to about 3,000 security professionals:
Which is the most difficult aspect of threat hunting?
- Choosing the right set of threat intelligence feeds
- Analyzing threat intelligence
- Rapidly responding to potential threats
- Researching identified threats
- Automating threat isolation and analysis
To provide good threat hunting services, an MSSP needs threat intelligence that is relevant to your area of business, good detection and reporting tools, and people with good threat hunting skills. When evaluating MSSPs, have them walk through their process so you can see exactly what technologies they use and how they use them.