Sqrrl Blog

Mar 15, 2016 6:22:00 PM

What Is a Threat Hunting Platform: Part 2 - Benefits and Sqrrl

In Part 1 of this blog series, we discussed the concept of a threat hunting platform (THP) and the capabilities that a THP provides to security analysts who are looking to proactively find threats hidden in their data. In Part 2 of this series, we will take a look at the benefits that a THP can deliver and present Sqrrl as an example of a best-in-class THP.

Topics: Cyber Threat Hunting, Hunting Platform

Mar 7, 2016 3:11:00 PM

What Is a Threat Hunting Platform: Part 1 - An Introduction

Hunting and its Obstacles

One of the major security problems facing organizations today is that they are simply not finding hidden threats on their network in time. On average, it takes an organization 205 days to find a malicious actor burrowed in its systems. 70% of the breach notifications companies receive come from third-party organizations. To find advanced threats, you need more than traditional automated security solutions; you need to be hunting.

Threat hunting is the process of proactively and iteratively searching through networks to detect and investigate advanced threats that evade existing detection tools. Hunting can radically enhance the process of finding those hidden threats and can cut the time it takes to find them from hundreds of days to hours. But even if you want to start hunting, there are still two major issues that you will likely face.

Topics: Cyber Hunting, Threat Hunting, Enterprise Security, Hunting Platform