Return to search

Threat hunting, definition and framework

Being pioneers comes with advantages and responsibility. The concept of threathunting is currently being subsidized by businesses promoting their products. Additionally,there is little or no information regarding the implementation and theeffects, which vary depending on the organization. Threat hunting needed an unbiaseddefinition in accordance with employees in IT security. Consequently, theframeworks used when assessing threat hunting had to be objective. This thesispresents a definition of threat hunting, composed using impartial opinions. Furthermore,the thesis provides unique frameworks to assist when implementing andassessing threat hunting at an organization. This thesis has several areas of application:as a knowledge base for threat hunting, as the recommended practice forimplementing threat hunting and as groundwork for a more comprehensive evaluationof threat hunting capabilities. Ultimately, the thesis offers unprecedentednonpartisan information and recommendations on threat hunting.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:hh-36759
Date January 2018
CreatorsLiliengren, Theodor, Löwenadler, Paul
PublisherHögskolan i Halmstad, Högskolan i Halmstad
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0015 seconds