Move from Hypothesis-Based Threat Hunting to Analytics-Driven With over 12,000 internal users accessing sensitive patient data, this organization had to face the reality of potential insider threats to their data security. Its security operations center (SOC) already deployed hypothesis- based threat hunting where an actionable hypothesis is created, executed, and tested to completion. This method aims to connect the dots, determine what’s normal and what’s not, and identify anomalies. Its Chief Information Security Officer (CISO) explains what he would prefer: “Instead of managing a flood of distracting false positives derived from hypothesis-based threat hunting, we felt we could augment our hunting efforts better by creating more accurate behavioral intelligence-based h

Join for free to read