Mark Thomas Talks about Threat Hunting

TechSpective Podcast Episode 101

 

There are many facets to cybersecurity. Organizations seek to prevent or block as much as possible, while also constantly monitoring their environments, and–in most cases–working to detect and respond to any malicious code or behavior that somehow slipped past the outer defenses. Threat hunting is an element of cybersecurity that helps security operations teams proactively identify and take action against active threats.

Not everyone agrees on the definition of threat hunting, though. Is it a service? Is it a process? Can you buy a threat hunting tool that can just automate the whole thing for you? Gartner analyst Pete Shoard shared his thoughts in a 2020 blog post–including stating very clearly that he does not believe it is a service:

“If there is one thing I know well, that’s managed security services. Therefore, I can confidently say that threat hunting is NOT a service. Nobody ever said I want to buy some of that ‘threat hunting’ stuff. Buyers of security services should focus on outcomes, outcomes are based on a threat hunts being successful. Services that offer threat hunting as a value add or as a differentiator, well that’s different.”

Done right, though, threat hunting can play a crucial role in effective cybersecurity. This episode of the TechSpective Podcast focuses on threat hunting–and more specifically how the team at Adobe approaches it.

My guest on this episode is Mark Thomas–a Senior Cyber Security Analyst at Adobe. Prior to joining Adobe, Mark served as a Security Analyst at a major financial institution applying his knowledge and skills from the DoD, building their threat hunting program from the ground up. He graduated from Texas State University in 2012 with a major in Computer Information Systems.

In his role Adobe, Mark is responsible for detecting threats across Adobe’s environments using a variety of machine learning, data science, and deep learning techniques. His team strives to defend against malicious activities by decreasing dwell time and identifying previously undetected issues, visibility gaps, and other security risks.

Check out the full episode for more about threat hunting and the approach that Mark and his team at Adobe take to proactively seek and resolve potential threats.

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

 

Tony Bradley: I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.
Related Post