This post originally appeared on Carbon Black's blog as an introduction to a threat hunting webinar with Carbon Black. A recording of that webinar is now available.
Threat hunting is quickly becoming common practice in Security Operations Centers (SOCs). While many security analysts undertake hunting either formally or informally (86% according to a recent SANS Institute survey), hunts are often limited by the data that is available to them. This post explores how unifying network and endpoint data can increase the effectiveness of threat hunts.