Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful? If not - what is stopping you from setting this up?

Awareness & TrainingThreat Intelligence & Incident Response
688 viewscircle icon2 Comments
Sort by:
CISO in Softwarea month ago

The first question to ask is whether you are ready with the data lake, resources and time to invest in this space.  Not all companies can make this investment internally and are often best working with an external provider to explore this space as a project.

Chief of Information Security in Energy and Utilities2 months ago

If you have an IR retainer, I'd evaluate their threat hunting service. This usually provides 24/7 threat hunting at the cost of 1-2 FTE (e.g., CrowdStrike Overwatch). If you wish to build your team, consider your ability to attract and retain skilled staff while providing 24/7 coverage.

Content you might like

How do you mitigate the impact of unexpected talent departures? Are there any tech solutions or other strategies you use to retain institutional knowledge?

Read More Comments

Has your organization experienced model denial of service attacks on its LLM?

Yes47%

Not to my knowledge52%

Not sure

View Results

If your Identity Provider (IdP) (Okta, Entra, Ping, etc.) went down tomorrow due to outage, ransomware, or misconfiguration — who would actually recover your tenant?

The IdP vendor — they provide backup & recovery

My team — we have tested recovery processes in place100%

Nobody — we’d have to rebuild manually

Not sure

View Results

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?

What’s your “hot take” when it comes to security questionnaires?

Read More Comments