Threat hunting foundations: People, process and technology (Part 1 of 2)

This webcast was recorded in June 2022.

Ever wonder what threat hunting is all about? Join Infosec Principal Cybersecurity Advisor Keatron Evans as he breaks down the basics of what it’s like to have a career hunting down potential cyber threats, including:

0:00 – What you need to know
1:30 – What is threat hunting?
4:32 – What skills do I need to start threat hunting?
5:45 – Is threat hunting valuable for level 1 SOC roles?
7:47 – Incident response vs. threat hunting
9:17 – Threat hunting concepts: data, baselines, threat intel
11:02 – 3 reasons to assume a data breach
12:20 – Zero-day vulnerabilities and threat hunting
13:40 – How long does it take to detect a breach?
15:42 – How to combat alert fatigue?
16:30 – Key components of threat hunting
18:05 – Beginner cyber threat hunting tools
20:08 – Artificial intelligence threat-hunting tools
22:00 – 5 steps to a mature threat-hunting process
24:05 – Step 1: Collect and process data
25:05 – Step 2: Establish a hypothesis
26:20 – Step 3: Hunt for threats
27:25 – Step 4: Identify threats
28:05 – Step 5: Respond
28:26 – Lessons learned
29:00 – Examples of a threat-hunting hypothesis
31:43 – Checklists for collecting data
33:05 – How to develop a hypothesis
36:10 – Best ways to store threat-hunting knowledge
37:15 – Thoughts on Maltego and PowerShell
39:10 – Where can I find slides and resources?
39:40 – How to encourage SOC analysts to go into threat hunting
40:46 – How to measure the ROI of threat hunting
43:19 – Threat-hunting frameworks and processes
44:58 – Cyber threat hunting boot camps and training
47:39 – How to get a free Infosec Skills account
50:15 – Threat hunting in a cloud environment
52:30 – Other questions and wrap up

About Infosec
Infosec’s mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ’s security awareness training. Learn more at