Threat hunting is still at an early stage, but AI can help

The need for reliable intelligence is pressing in threat hunting and emerging AI technologies can fulfill that to a good extent, according to a Censys study.

The study included US and Europe-based organizations across industries and noted that current threat-hunting practices are “as much an art as science” and can use a discipline of common, proven, and accepted standards for assessments supported by reliable intelligence.

“One throughline that emerges is the need for reliable threat intelligence and its impact on threat hunters’ ability to do their jobs well,” said the Censys report on the study. “Threat intelligence, or lack thereof, is a commonality across the top challenges respondents identified. Access to threat intelligence also affects nearly every aspect of how respondents say they do their jobs.”

False positives present a formidable challenge to day-to-day threat hunting, the report remarks, and are expected by experts to ease out to some extent if the application of AI goes mainstream.

Besides the potential to help standardize threat-hunting practices, AI is delivering a considerable advantage to organizations with automation, accuracy, and innovation.

Half of threat hunters in the US have shifted to using attack surface management (ASM), managed detection and response (MDR), and exposure management (EM) tools powered with automation against a comparatively fewer number in Europe. This has to do with the US regarding cybersecurity as a matter of national security, while Europe sees it as a means to “protect privacy and ward of economic danger”, according to the report.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button