Threat hunting is a proactive approach in which security professionals look for signs of malicious activity within an organization's network or systems that have not triggered any automated detections. This activity involves hypothesis-driven investigations, often targeting specific tactics, techniques, and procedures (TTPs) used by threat actors. Rather than relying solely on automated alerts, threat hunting aims to uncover hidden threats that might evade traditional security controls.