A group of researchers want to help the cybersecurity community find hidden threats in their solutions. Together, 17 cybersecurity experts have teamed up to launch threathunting.org. The new online hub, sponsored by Sqrrl, provides practical resources, expert research and training material on how to hunt security threats.
“There are a lot of people who want to get started hunting for evil in their network, but don’t know where to start. What should they hunt for? How do they perform the hunts? What data do they need to collect?” said Eric Cole, a cybersecurity expert and instructor for the Threat Hunting Academy. “On the other hand, there are a lot of individuals out there who have written blog posts or made conference presentations that detail some of their favorite hunting tips. The problem is that they are scattered, and it’s sometimes hard to find what you need.”
Threathunting.org will provide lecture content, interviews, a resource library, video tutorials, best practices, white papers, and on-demand e-courses. The idea is to expand threat hunting expertise cross organizations of all sizes.
One of the most popular e-courses available on the site includes an introduction to threat hunting taught by Cole.
“Threat hunting is one of my favorite topics, and the reason is because I’m tired of the adversary having the upper hand. It seems like adversaries can break into organizations, do anything they want, and go completely and totally undetected, and that frustrates me” he said. “We need to get more proactive. We need to recognize that our environments are broken into and aggressively and actively look for that adversary.”