Where do you start with Threat Hunting? I’ve spoken with many individuals who think Threat Hunting is scanning your SIEM for IOCs, but if you’re seeing the IOCs within your SIEM shouldn’t you be blocking those already? Threat Hunting is more complex than most people think and many companies have dedicated Threat Hunting teams. There are some companies that charge big money to come in and Threat Hunt your environment for you, but is it really worth what they charge? Will they get the most out of your budget? What if you have a team, but don’t know where to start? Let’s build a Threat Hunting mindset in each of them. Let’s make everyone a Threat Hunter to show the value to your Executive Staff and then maybe they can give you the budget to really ramp things up.