BSides Bristol 2024

Unveiling the hunter-gatherers: Exploring threat hunting practices and challenges in cyber defense
2024-08-30 , Track 2

In an era where cyber threats are rapidly evolving, traditional security defence measures are no longer sufficient. This is where cyber threat hunting steps in—an approach that actively seeks out cyber threats or malicious activity within an organisation's network before they are able to cause harm.


Our research, "Unveiling the Hunter-Gatherers: Exploring Threat Hunting Practices and Challenges in Cyber Defense," takes a deep dive into proactive cyber threat hunting practices, the methods used to identify cyber threats, and the challenges hunters face. This presentation will cover three key areas:

The Practice of Cyber Threat Hunting: Here we explore the different threat hunting methodologies. We highlight the prevalent methods and how they are used to tackle cyber threats. In addition, we shed light on the skills, qualifications, and experience required for threat hunting.

Challenges Faced by Threat Hunters: We offer insights into the most common challenges in threat hunting, explore the key obstacles that threat hunters encounter, and show how these challenges impact the threat hunting process.

Suggesting Improvements: We highlight the strategies that threat hunters employ to overcome the challenges they encounter during the process. In doing so, we identify recommended practices for improving threat-hunting processes.
Attendees will leave with a comprehensive understanding of the cyber threat hunting landscape, its challenges and mitigation strategies, and will be well equipped with practical knowledge. This talk will provide guidance to researchers in their futures thinking and responsible innovation in threat hunting, as well as an opportunity to collaborate. The talk is designed for cybersecurity professionals of all experience levels who are keen to learn about and explore the future of cybersecurity defense, unlocking the potential of cyber threat hunting in a constantly evolving threat ecosystem.

Threat hunting is a proactive approach to identifying threats that remain undetected within the network. However, despite its significance, there remains a lack of deep understanding of the best practices and challenges associated with effective threat hunting. To address this gap, we performed a qualitative user study with experienced threat hunters from across the globe to highlight prevalent methods and how these methods are used to tackle cyber threats. In this research, we provide the first empirical evidence on the daily practices of threat hunters in the wild. Additionally, the study sheds light on the requisite skills, specific qualifications, and experience needed for threat hunting. The study offers insights into the most common challenges in threat hunting and the strategies that threat hunters employ to mitigate them. Based on these findings, we provide empirical insight for improving existing threat-hunting best practices. Our work has been accepted for publication at USENIX Security 2024.

I am a PhD student at the University of Bristol.