Threat hunters strengthen corporate defenses: Panda Security explains why

Panda Security explains how the threat hunter improves corporate security by finding weak points and verifying that they are not being used to carry out attacks.

Defending against attacks is becoming increasingly complicated, and the traditional approach of building static defenses is no longer as effective as it once was. Companies now need to be proactive in looking for threats and possible flaws, so that these are discovered before attacks can be carried out. This creates the need for specialized figures called threat hunters, who anticipate threats and protect the company.

Threat hunters: who they are and what they do

Threat hunters are an increasingly common figure in the corporate security landscape because attacks have grown more complex and sophisticated. According to a Panda Security survey, 62% of companies claim to have suffered attacks that did not use traditional malware, using instead sophisticated techniques such as chatbots, inbound marketing and artificial intelligence. This creates the need for highly specialized figures with the skills to understand which attacks are possible and for what reasons.

A threat hunter must have strong knowledge of and experience in computer security, as well as a view of the business and geopolitical context that helps them understand where threats may originate. The ability to carry out investigations with a rigorous method, in order to validate the hypotheses made, completes the profile.

The "hunting" process requires the practitioner to form hypotheses about possible threats and their origin, and then to verify whether these hypotheses hold in reality. This means both checking whether attacks can actually be carried out by exploiting any weak points, and checking whether an attack has already taken place, in which case an investigation is conducted to trace the attacker.

An example cited by Panda Security is that of Bondat, a worm that hit a Panda customer and was discovered thanks to threat hunting. Without it, the worm would not have been discovered, since it was designed to hide almost perfectly from traditional security measures.

Overall, a threat hunter allows a company to strengthen its defenses and to discover both potential points of vulnerability and any attacks already in progress, so that the company can react actively to threats by preventing or foiling them in a short time. Panda Security offers more information on the threat hunter (and the real Bondat case) on its blog.
