How to automate threat hunting
(Source: CSO Online) Threat hunting is proactively searching for indications of any IT security threat or compromise. It is about filling in the gaps in the SIEM rule set. It’s accounting for the false negatives—the lack of alerts in situations when alerts really should be raised—in rule-based security systems. Threat hunting is successful when SOCs …