As many SOCs are struggling to cope with the rising security threat workload, more organizations continue to adopt threat hunting as an integral part of their security operations. They are discovering that proactive threat hunting can reduce the risk and impact of threats that might otherwise go undetected by traditional security technologies, all while improving defenses against new attacks.
In 2022, Cybersecurity Insiders conducted the fifth annual threat hunting research project in partnership with DomainTools to gain deeper insights into the state and evolution of this security practice.
Key findings include:
• While most organizations take a proactive threat hunting stance (64%), more than a third are responding to threats only after they have been detected (36%). This reactive posture partly contributes to about a third of security threats remaining undetected (37%).
• Over half of organizations (56%) observed an increase in threat levels by at least a factor of two compared to the previous year.
• Through threat hunting, 61% of organizations identify actionable indicators of compromise, while 59% can generate rule sets or alert automation for similar future threat activity.
• Fifty-one percent of organizations find threat hunting produces a deeper understanding of adversary behavior and trends.
We would like to thank DomainTools for supporting this unique research.
We hope you are able to take away actionable insights from this important report.