Building a Threat Hunting Program from the Ground Up

OVERVIEW

Go beyond traditional detection methods and proactively hunt for threats lurking within your environment. This session provides a practical guide to building a threat hunting program from scratch. Learn how to assemble a team from existing SOC, IR, and penetration testing staff, establish documented processes, and leverage expertise to identify post-compromise behavior. Discover the essential components of a successful program, including access to data, team members, threat intelligence, and the right tools and licenses. Explore different types of threat hunting: hypothesis-driven, TTP-based, anomaly-based, and IOC-driven, with real-world examples. Understand how proactive threat hunting minimizes the impact of breaches, reduces dwell time, prevents financial losses, and improves overall security posture. Walk away with actionable steps to implement a threat hunting program and enhance your organization’s security.

Presented By

RYAN FRIED

Principal Security Consultant

ESTEFANIA MICHAEL

Senior Security Consultant