White Paper

SANS Threat Hunting Survey: Hunting for a Standard Methodology for Threat Hunting Teams

16 Pages

The SANS 2022 Threat Hunting Survey reveals that most organizations are still maturing their threat hunting practices, with 51% citing lack of skilled staff as the biggest barrier. While many rely on SIEMs, EDRs, and internally developed tools, 44% admit their methodologies are constrained by tool capabilities rather than process design. Only 43% measure effectiveness formally, yet 85% report improved security posture, mainly through reduced attack surface and better detections. Key priorities include expanding into cloud environments, leveraging AI/ML, and scaling staffing, as demand for formal, repeatable methodologies grows.
