Threat hunting is an important weapon in the arsenal of proactive enterprise security. With the shift to the cloud, however, the threat landscape is rapidly evolving. Faced with automated attacks, multiple perimeters to defend, and a growing mobile workforce, threat hunters need to reassess the mission. What is the surface area they need to protect? When does threat hunting stop and incident response start? And whats the difference between threat hunting and detection? In this session, we will discuss these topics and provide guidance for becoming more effective at detection and response in SaaS and IaaS environments.