What is HUNTing and why do we do it?

Jackson Reynolds
Dec. 19, 2018

HUNTing for malware and other signs of intrusion on computer networks is not a new concept. What started as a means of responding to a network breach has grown into a preventive process as necessary as firewalls, antivirus, the principle of least privilege, and everything else that fits into the definition of defense-in-depth. At its most basic level, Cyber Threat HUNTing is simply proactively looking for network anomalies and determining whether they are malicious. Not unlike a shepherd guarding sheep, the R9B HUNT team watches for predators stalking important data and accessing valued resources. As predators advance, we learn from their techniques, adapt our defenses, and tailor a solution to stop them. The defender’s job is much more difficult than that of the predator. In the past, the information security community has viewed network defense as a purely technical problem. But in reality, it is an intelligence problem. Predators are always observing and gaining knowledge of their prey. It’s time for the prey to understand the predator’s environment, motives, and techniques in order to take back control and gain the upper hand […]