Best Offers on Online Training Ending Soon! Get a 12.9" iPad Pro, Surface Pro or $350 Off - Only Four Days Left


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

New SANS Whitepaper Provides an In-Depth Look at Effective Threat Hunting

Offers Insight into the What, Why, When, Where and How of Threat Hunting

  • Bethesda, MD
  • March 7, 2016

SANS Institute, the global leader in information security training, today announced a new white paper that offers a deep look into threat hunting including what it is (and what it is not), why it is needed, and how to get started. The whitepaper was developed by SANS faculty members Rob Lee & Robert M. Lee to help organizations take a proactive approach to identifying adversaries rather than reactively waiting for an alert to go off.

The whitepaper, The Who, What, Where, When, Why and How of Effective Threat Hunting, details the foundation for threat hunting success. For a more complete and in-depth discussion on threat hunting, SANS will host a Threat Hunting and Incident Response Summit & Training April 12 - 19 in New Orleans, LA. Summit attendees will learn hunting and response techniques and strategies from the greatest threat hunters and responders in the information security community.

Summit Chair, Rob Lee, will give attendees an exclusive sneak peek at the results of SANS' first-ever Threat Hunting Survey. Included will be data and feedback on the tools organizations are using for threat hunting; the top skills hunters need to succeed; and how threat hunting affects and is affected by security budgets.

According to Lee, "No matter how thorough an organization's security precautions might be, no network is impenetrable. Persistent and focused adversaries are already in many enterprises. They present a security challenge that requires dedicated and empowered threat hunters who know what adversaries are capable of so they can sniff them out of the network as early as possible, close the gaps and create repeatable processes that can be followed for future hunts."

To download a complimentary copy of the white paper, visit For information on the SANS Threat Hunting and Incident Response Summit & Training, or to register, visit:

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (