Tag: SIEM

How to Build a Business Case for a New SIEM: A Data-Driven Guide for 2026

A 2024 study by Panther Labs revealed that 46% of security professionals believe their current SIEM fails to meet modern detection needs because of excessive costs and limited visibility. Within the evolving cyber landscape, relying on legacy infrastructure often means your SOC analysts spend 30% of their time chasing false positives rather than mitigating real threats. It’s frustrating when your security budget evaporates into unpredictable licensing fees as data volumes expand. Mastering how to build a business case for a new SIEM is no longer just a technical task; it’s a financial necessity for 2026.


Threat Hunting

Threat Hunting (or TH for short) is quickly emerging as a hot trend in cybersecurity. The onslaught of data breaches we’ve been experiencing, each bigger than the last, has proved to organizations that they should assume compromise and seek ways to reduce dwell time. Dwell time is defined as the number of days that a threat stayed latent before discovery and eradication. In 2016 it was 98 days for financial services firms and 197 days for retailers on average.

So organizations now “hunt” for threats instead of waiting for alerts to notify them of potential breaches.

Roots

The term “threat hunting” was probably coined by security analyst Richard Bejtlich, who wrote in 2011: “To best counter targeted attacks, one must conduct counter-threat operations (CTOps). In other words, defenders must actively hunt intruders in their enterprise.” The SANS Institute defines threat hunting as follows: “Threat hunting is a focused and iterative approach to searching out, identifying and understanding adversaries that have entered the defender’s networks.”

Even the analyst firm Gartner covers this activity (although it is not yet defined as a market segment).
