SANS 2019 Threat Survey Thumbnail


With so many approaches and tools, how can threat hunters measure success?

Do you use atomic indicators of compromise (IOC) or an alert-driven approach to threat hunting? Are you tool-focused or hypothesis-driven? What about your peers?

Highlights from the report:

  • 35% create hypothesis to drive their threat hunting efforts
  • 56% use threat intelligence to hypothese where attackers may be found
  • 71% indicate technology is the first or second focus of their threat hunting resources, following by staffing (47%) and training (41%)

These are just a few of the findings in the latest SANS Threat Hunting Annual Survey, revealing the differing needs of new and experienced threat hunters and various threat intelligence methodologies.

Complete the form to download the full report. 



“The big issues Silo solves for me are security in research, the ability to work around security protocols and regional restrictions, and safety in browser inherently unsafe websites.”
- verified customer review from G2