2023 Survey Event | Threat Hunting: Focusing on the Hunters and How Best to Support Them

As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect. This year, our survey will focus on the hunters themselves and how their organizations support threat hunting. Are hunters asked to complete multiple tasks at once? How much focus is given to threat hunting compared with other cybersecurity tasks? We look further at the skills that threat hunters must hone as they are just starting out and to skillsets of those who have been hunting for many years. We again will compare year-on-year trends to see how organizations have shifted their perspectives on threat hunting.

Register for this webcast now and be among the first to receive this whitepaper from SANS certified instructors and authors Mathias Fuchs and Josh Lemon.

Join the SANS Analyst Program interactive Slack workspace and you can connect live with SANS authors and sponsor speakers, have a chance to win prizes and network with other attendees.


As an added bonus, one lucky attendee will be chosen to receive a voucher to our SANS Gear Shop for $100, join us for your chance to select some cool gear from our online shop!


Thank You to Our Sponsors

Anomali_Logos_Anomali Full Color Primary - NEW.pngLogoLockup_Horz_RGB_Blue_190103.pngCorelight_Transparent.pngDevo.pngLacework_Logo.png


Timeline (EDT)

Session Details

10:30SANS authors share data and results of our 2023 Threat Hunting Survey, as well as analysis of threat hunting trends in the coming year - and how 2023 results compare with past SANS threat hunting surveys.

Mathias Fuchs Certified Instructor, SANS

Josh Lemon Certified Instructor, SANS


Network Threat Hunting at the Speed of Attack

Because virtually all cyberattacks must cross the network and adversaries cannot avoid leaving fingerprints behind, the network offers threat hunters a comprehensive hunting ground to identify evidence of both live and historic attack activity. This presentation will deliver guidance on achieving hunt-optimized network visibility and provide attendees with real examples of high value hunts that can be conducted on the network.

John Gamble Sr. Director, Product Marketing, Corelight


Better Faster Stronger: AI's Future in Threat Investigations

Many security teams lack the resources to proactively hunt for threats and struggle with analyst burnout from excessive alerts and manual processes. In this session, Steve Morrow will show how AI can be applied in threat hunting and alert investigations to increase analyst effectiveness and better protect the organization.

Stephen Morrow Global VP of Solution Engineering, Devo


Threat Hunting Panel Discussion

Josh and Mathias will lead a conversation with our special guests, John Gamble, Chris Hall and Stephen Morrow.