The cybersecurity landscape is frequently changing due to the rapid development of the latest technologies, and this change is both beneficial and harmful. The hackers are ramping up their assets and technologies to obtain more stealth to bypass the system/network defenses of an organization, and due to the existence of various challenges such as lack of resources, skills, and finance, not every firewall or network defense is perfect. Thus, the need for the evaluation of an organization’s digital space for compromises is necessary. By searching for artifacts and indicators that prove whether a system/network has been compromised or not, the corresponding vulnerability and the damage done could be identified and mitigated. This process of searching for artifacts is called threat hunting, and the current manuscript describes in detail the types, tools, and challenges of threat hunting program.
September 22, 2020