Security news aggregator

Latest coverage for Threat Hunting

Threat hunting searches for hidden attacker activity that evades alerts, helping limit dwell time and damage through evidence-led detection.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat hunting is the proactive search for signs of compromise that automated alerts, signatures, or routine monitoring may miss. Analysts form hypotheses from threat intelligence and observed attacker tactics, techniques, and procedures, then examine endpoint, identity, network, cloud, and application telemetry for unusual behavior. The work may uncover unauthorized persistence, credential use, or lateral movement before an attacker’s objective is reached.

In a threat model, hunting addresses adversaries who already have—or may have obtained—an initial foothold and are deliberately avoiding detection. Its value depends on usable, time-synchronized logs, adequate visibility, and disciplined investigation rather than isolated anomalies. Effective practice prioritizes high-risk assets and attack paths, tests hypotheses against historical data, turns validated findings into detections, and preserves evidence for containment and scoping. Access to detailed user and system data should also be limited and governed because hunting can expose sensitive information.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now? My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (

Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and end up with no relevant intel.  To avoid this, use these five battle-tested techniques that are

The Hacker News 3 years, 8 months ago

Threat hunting with MITRE ATT&CK and Wazuh

Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay dormant in an organization's infrastructure, extending their access while waiting for the right