Sqrrl Blog

Oct 11, 2016 7:00:00 AM

Welcome to The Hunter’s Den: Tools, Tips, and Techniques for Threat Hunting

This is the first post in a new blog series we are calling The Hunter’s Den. Over the last nine months it has been exciting to see the concept of “threat hunting” take off. At the most recent Black Hat conference this past August, it was surprising to see how many companies had begun to adopt threat hunting messaging. This mirrors the increasing interest we have seen around threat hunting, as illustrated by the Google Trends chart below.


Topics: Threat Hunting, Hunting Platform, Hunting How-To's

Mar 15, 2016 6:22:00 PM

What Is a Threat Hunting Platform: Part 2 - Benefits and Sqrrl

In Part 1 of this blog series we discussed the concept of a threat hunting platform (THP) and the capabilities that a THP provides to security analysts who are looking to proactively find threats hidden in their data. In Part 2 of this series we will take a look at the benefits that a THP can deliver and present Sqrrl as an example of a best-in-class THP.


Topics: Cyber Threat Hunting, Hunting Platform

Mar 7, 2016 3:11:00 PM

What Is a Threat Hunting Platform: Part 1 - An Introduction

Hunting and its Obstacles

One of the major security problems facing organizations today is that they are simply not finding hidden threats on their network in time. On average, it takes an organization 205 days to find a malicious actor burrowed in its systems. 70% of the breach notifications companies receive come from third-party organizations. To find advanced threats, you need more than traditional automated security solutions; you need to be hunting.

Threat hunting is the process of proactively and iteratively searching through networks to detect and investigate advanced threats that evade existing detection tools. Hunting can radically enhance the process of finding those hidden threats and can cut the time it takes to find them from hundreds of days to hours. But even if you want to start hunting, there are still two major issues that you will likely face.


Topics: Cyber Hunting, Threat Hunting, Enterprise Security, Hunting Platform