Security news aggregator

Latest coverage for Threat Hunting

Threat hunting searches for hidden attacker activity that evades alerts, helping limit dwell time and damage through evidence-led detection.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat hunting is the proactive search for signs of compromise that automated alerts, signatures, or routine monitoring may miss. Analysts form hypotheses from threat intelligence and observed attacker tactics, techniques, and procedures, then examine endpoint, identity, network, cloud, and application telemetry for unusual behavior. The work may uncover unauthorized persistence, credential use, or lateral movement before an attacker’s objective is reached.

In a threat model, hunting addresses adversaries who already have—or may have obtained—an initial foothold and are deliberately avoiding detection. Its value depends on usable, time-synchronized logs, adequate visibility, and disciplined investigation rather than isolated anomalies. Effective practice prioritizes high-risk assets and attack paths, tests hypotheses against historical data, turns validated findings into detections, and preserves evidence for containment and scoping. Access to detailed user and system data should also be limited and governed because hunting can expose sensitive information.

Volume over time

Weekly headline count for the current query.

Showing 2 most recent headlines Filtered view

AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes Australia’s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.…