A SANS 2021 Survey: Threat Hunting in Uncertain Times
The SANS 2021 Survey on Threat Hunting highlights the use of SIEM, IDS/IPS, and EDR tools, challenges in staffing and training, and the need for cloud visibility. Key improvements include extending tools to the cloud, leveraging third-party resources, and acquiring more investigative staff. Organizations measuring effectiveness saw a 10-25% improvement in security posture.