Security news aggregator

Latest coverage for Threat Hunting

Threat hunting searches for hidden attacker activity that evades alerts, helping limit dwell time and damage through evidence-led detection.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat hunting is the proactive search for signs of compromise that automated alerts, signatures, or routine monitoring may miss. Analysts form hypotheses from threat intelligence and observed attacker tactics, techniques, and procedures, then examine endpoint, identity, network, cloud, and application telemetry for unusual behavior. The work may uncover unauthorized persistence, credential use, or lateral movement before an attacker’s objective is reached.

In a threat model, hunting addresses adversaries who already have—or may have obtained—an initial foothold and are deliberately avoiding detection. Its value depends on usable, time-synchronized logs, adequate visibility, and disciplined investigation rather than isolated anomalies. Effective practice prioritizes high-risk assets and attack paths, tests hypotheses against historical data, turns validated findings into detections, and preserves evidence for containment and scoping. Access to detailed user and system data should also be limited and governed because hunting can expose sensitive information.

Showing 1 most recent headlines Filtered view
Bank Info Security 9 months, 4 weeks ago

Vega Secures $65M to Scale SecOps, Take On Traditional SIEMs

Funding Supports Threat Hunting, Natural Language to Replace Legacy DetectionVega aims to replace patchwork AI integrations with an analytics layer that enables real-time, natural language detection across distributed data. Backed by Accel, the company will double headcount, improve detection tuning and reduce false positives without a SIEM rip-and-replace required.