Do you worry that there are bad people accessing your networks? If you think your systems have already been compromised you’re going to want to know how and by how much.
In this interview, Peter Cohen at MWR Countercept explains the art of threat hunting – a proactive rather than reactive approach that doesn’t rely on the attacker tripping alarms. In fact, he explains, you assume that your adversary is too clever for your normal defences, such as firewalls, IDS and SIEMs. So you go looking for the weaknesses in your systems that the attacker has used. This requires an understanding of the attacker mindset and a skillset that is currently in short supply.