A Cybersecurity Threat Hunter is responsible for detecting and identifying highly advanced cyber threats that cannot be detected by automatic or programmatic solutions. They search for and track hidden threats before they attack, rather than addressing incidents that have already happened, like the Incident Response team. These threats can be posed by insiders, such as employees, or outsiders, like organized crime groups.
Cybersecurity Threat Hunters work with a variety of tools to track adversaries and identify suspicious activities, including security monitoring tools, SIEM solutions, analytics tools, and network protocols such as the TCP/IP stack. Threat Hunters also need a deep knowledge of current and past attack methods, attack methodologies, and forensic science.
Get our latest insights. Subscribe to our newsletter.