{"id":2062,"date":"2018-07-19T15:02:30","date_gmt":"2018-07-19T19:02:30","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2062"},"modified":"2019-04-01T11:11:39","modified_gmt":"2019-04-01T15:11:39","slug":"get-most-threat-hunting-practices","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/","title":{"rendered":"How to Get The Most Out of Your Threat Hunting Practices"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-2063\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg\" alt=\"threat hunting SIEM solution\" width=\"800\" height=\"433\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage-300x162.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage-768x416.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage-499x270.jpg 499w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage-150x81.jpg 150w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage-333x180.jpg 333w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The current state of cybersecurity can be summarized thusly: <\/span><\/p>\n<ul style=\"text-align: justify\">\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">The previous paradigm was dominated by the idea of threat prevention.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">As digital threat actors have grown more sophisticated and more persistent, enterprises\u2019 IT security perimeter have become more porous. <\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Attackers have more attacks vectors and more opportunities to increase their dwell time. <\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">No preventative measure, no matter how strong, can deflect 100% of attacks. <\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Thus the cybersecurity paradigm has shifted from prevention to threat detection and response.<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/logrhythm.com\/forrester-wave-security-analytics-analyst-report-2018\/?utm_source=Solutions-Review&amp;utm_medium=cpc&amp;utm_campaign=Solutions-Review&amp;AdGroup=&amp;utm_program=NAcpc1&amp;utm_content=C-Download-Now&amp;utm_region=NA&amp;utm_language=en\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/10\/PM_Forrester_Wave_Display_C.jpg\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">SIEM solutions are perfectly primed to facilitate this widespread refocus on threat detection; they can provide better visibility into enterprise networks, compile, standardize, and correlate disparate security events, alert security researchers to potential threats, and generate logs for compliance. However, IT security teams need to be actively engaged with their SIEM solution in examining the possible threats and finding the legitimate attacks in order to make the most of your solution and its log information. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In other words, your IT security team needs to be threat hunting.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">But how do you facilitate the best threat hunting possible? How can your threat hunting work with, rather than against, your SIEM solution? And what talents do your team need to become expert threat hunters? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here\u2019s what you need to know: <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Develop Your Team\u2019s Killer Instincts<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">We here at Solutions Review constantly warn enterprises to assume that they will be targeted by a digital threat actor rather than thinking it can\u2019t happen to them. A similar principle applies to threat hunting: when in doubt, always assume you have been breached. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">SIEM solutions have a reputation (not necessarily undeserved) of generating false positives in their security event correlations. Yet assuming that all of the alerts are false throws the metaphorical baby out with the bathwater. Your team needs to explore the possibility that every alert is a legitimate threat and pursue each with the same energy and with the same critical eye. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In threat hunting, as in real life, you may not always find your quarry. The trail may go nowhere. But if you do not follow each lead, your prey will get away every time. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Train Your Team on What to Look For<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">It can be difficult at times to recognize what is and isn\u2019t a legitimate attack while threat hunting. Some activities are flagged as suspicious when they are just an unusual business activity or even a regular activity. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, these activities can be a sign of something nefarious on your network: <\/span><\/p>\n<ul style=\"text-align: justify\">\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Communications or processing slowdowns<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Unusually consistent byte pattern<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Suspicious Site Interactions<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Failed Login Attempts<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Unexpected Privilege Changes<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Password Dumping Programs<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Exploit or Backdoor Appearances<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Make sure your IT security team knows how to recognize these and how to track them down. \u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Teach What to Do If Your Threat Hunting Finds Something<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If your security team\u2019s threat hunting endeavors do find the signs of a legitimate attack, do they know what they need to do next? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">You need to make sure that your IT security team has the technology and skills to recognize the full scale of an attack and be able to respond to it accordingly. Your team needs to be able to respond to discovered threats of all varieties, predict what each threat is aiming to do and where it will go in your network, and adapt quickly. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Customizing your existing tools can be an option, but it can be a lengthy process that could hamper your threat hunting efforts. Make sure your SIEM solution is as facilitating to threat hunting as possible to keep the process running smoothly. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If your team can\u2019t close off all of the attack vectors or stop the attack in full, your system will remain compromised for longer and therefore accumulate more damage. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Threat Hunting Begins with a Single Step<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Accumulating the right skills and technologies for threat hunting is, of course, important, but threats are coming in every day and from every direction. Waiting for the \u201cperfect team\u201d will result in longer dwell times and unchallenged hackers running rampant on your network. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Your IT security team needs to get started on their threat hunting early. Even if some of them are inexperienced at threat hunting, they will acquire that experience keeping your enterprise safe. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Even the best threat hunters started off fresh-faced. Give your green team the experience they need to become the veterans your enterprise deserves.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Get Proactive<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">With a SIEM solution on your side, it can be easy to think of threat hunting as entirely reactionary. Your threat hunting team could end up waiting for a security alert to investigate, only then springing into action after a threat has already started attracting attention. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">While the temptation to let threats come to you can be powerful, your IT security team should be threat hunting proactively, not reactively. They should be patrolling your networks for any sign of illicit activity or intrusion and taking the steps to shore up your network defenses when they can. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Remember: if your SIEM solution discovers security event information pointing to a threat, <\/span><i><span style=\"font-weight: 400\">that means a threat has already penetrated your network<\/span><\/i><span style=\"font-weight: 400\">. Your IT team should be doing everything in its power to stop that from happening at all.<\/span><\/p>\n<p style=\"text-align: justify\"><strong>Other Resources:<\/strong><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/get-employees-embrace-siem-best-practices\/\" target=\"_blank\" rel=\"noopener noreferrer\">Get Your Employees to Embrace SIEM Best Practices!<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/4-tips-make-data-breach-detection-easier-enterprise\/\" target=\"_blank\" rel=\"noopener noreferrer\">4 Tips to Make Data Breach Detection Easier For Your Enterprise<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/dont-become-complacent-in-your-cybersecurity\/\" target=\"_blank\" rel=\"noopener noreferrer\">Enterprises: Don\u2019t Become Complacent in Your Cybersecurity!<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/make-siem-solution-deployment-easier-enterprise\/\" target=\"_blank\" rel=\"noopener noreferrer\">How to Make Your SIEM Solution Deployment Easier for Your Enterprise<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/comparing-the-top-siem-vendors-solutions-review\/\" target=\"_blank\" rel=\"noopener noreferrer\">Comparing the Top SIEM Vendors \u2014 Solutions Review<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/ueba-prevent-insider-threats-enterprise\/\" target=\"_blank\" rel=\"noopener noreferrer\">How UEBA Can Prevent Insider Threats in your Enterprise<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-vs-security-analytics-whats-difference\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM vs Security Analytics: What\u2019s the Difference?<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/risk-analytics-bridge-the-cybersecurity-talent-gap\/\" target=\"_blank\" rel=\"noopener noreferrer\">Should Risk Analytics Bridge the Cybersecurity Talent Gap?<\/a><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The current state of cybersecurity can be summarized thusly: The previous paradigm was dominated by the idea of threat prevention. As digital threat actors have grown more sophisticated and more persistent, enterprises\u2019 IT security perimeter have become more porous. Attackers have more attacks vectors and more opportunities to increase their dwell time. No preventative measure, [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2063,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[95,145,112,86,21,57,22,347],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Get The Most Out of Your Threat Hunting Practices<\/title>\n<meta name=\"description\" content=\"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Get The Most Out of Your Threat Hunting Practices\" \/>\n<meta property=\"og:description\" content=\"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-19T19:02:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-04-01T15:11:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"433\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/\",\"name\":\"How to Get The Most Out of Your Threat Hunting Practices\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg\",\"datePublished\":\"2018-07-19T19:02:30+00:00\",\"dateModified\":\"2019-04-01T15:11:39+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg\",\"width\":800,\"height\":433,\"caption\":\"Fidelis Cybersecurity Discovers Obstacles to Threat Hunting\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Get The Most Out of Your Threat Hunting Practices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Get The Most Out of Your Threat Hunting Practices","description":"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/","og_locale":"en_US","og_type":"article","og_title":"How to Get The Most Out of Your Threat Hunting Practices","og_description":"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2018-07-19T19:02:30+00:00","article_modified_time":"2019-04-01T15:11:39+00:00","og_image":[{"width":800,"height":433,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/","name":"How to Get The Most Out of Your Threat Hunting Practices","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg","datePublished":"2018-07-19T19:02:30+00:00","dateModified":"2019-04-01T15:11:39+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Your IT security team needs to be threat hunting. But how do you facilitate the best threat hunting possible while working with SIEM?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/07\/Webp.net-resizeimage.jpg","width":800,"height":433,"caption":"Fidelis Cybersecurity Discovers Obstacles to Threat Hunting"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/get-most-threat-hunting-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"How to Get The Most Out of Your Threat Hunting Practices"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2062"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2062"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2062\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2063"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}