Tools Don't Hunt. Tools Find. Analysts Hunt.

Repeated occurrences of excessive adversarial dwell time have fueled schools of thought that to effectively manage an information security program leaders must acknowledge that fundamental cyber solutions such as perimeter defenses, endpoint protection, and anti-malware products can be defeated by motivated threat actors. Thus, "hunting' was born. In its infancy, the practice of hunting was methodical, hypothesis driven, and thorough. 10 years and 20 hype cycles later, tools are leveraged to perform IOC driven hunt's. It's time to make an admission, if our tools could find everything - we wouldn't need hunt processes and we wouldn't need skilled people. The BLUF - Tools don't hunt. Tools Find. Analysts Hunt.