What is threat hunting?
Threat hunting is a proactive, exploratory activity designed to identify unknown threats in an environment. It is an investigative process in which hunters test an evolving set of hypotheses, using threat hunting toolkits that both enable creative detective work and drive workflows based on new findings. Threat hunting techniques shift enterprises from reactive response to proactive identification, enabling them to get ahead in the fight against adversaries.
The difference between threat hunting and investigation
Threat hunting and threat investigation are two different functions within a SOC. Threat hunting is a proactive approach to identifying unknown threats, while threat investigation is a reactive approach to validating and understanding a known threat.