TechSpective Podcast Episode 101
There are many facets to cybersecurity. Organizations seek to prevent or block as much as possible, while also constantly monitoring their environments and, in most cases, working to detect and respond to any malicious code or behavior that somehow slipped past the outer defenses. Threat hunting is an element of cybersecurity that helps security operations teams proactively identify and take action against active threats.
Not everyone agrees on the definition of threat hunting, though. Is it a service? Is it a process? Can you buy a threat hunting tool that can just automate the whole thing for you? Gartner analyst Pete Shoard shared his thoughts in a 2020 blog post, including stating very clearly that he does not believe it is a service:
“If there is one thing I know well, that’s managed security services. Therefore, I can confidently say that threat hunting is NOT a service. Nobody ever said I want to buy some of that ‘threat hunting’ stuff. Buyers of security services should focus on outcomes; outcomes are based on threat hunts being successful. Services that offer threat hunting as a value add or as a differentiator, well that’s different.”
Done right, though, threat hunting can play a crucial role in effective cybersecurity. This episode of the TechSpective Podcast focuses on threat hunting and, more specifically, how the team at Adobe approaches it.
My guest on this episode is Mark Thomas, a Senior Cyber Security Analyst at Adobe. Prior to joining Adobe, Mark served as a Security Analyst at a major financial institution, where he applied his knowledge and skills from the DoD, building their threat hunting program from the ground up. He graduated from Texas State University in 2012 with a major in Computer Information Systems.
In his role at Adobe, Mark is responsible for detecting threats across Adobe’s environments using a variety of machine learning, data science, and deep learning techniques. His team strives to defend against malicious activities by decreasing dwell time and identifying previously undetected issues, visibility gaps, and other security risks.
Check out the full episode for more about threat hunting and the approach that Mark and his team at Adobe take to proactively seek and resolve potential threats.
Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.
If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.