No matter their size, billions of dollars are spent on a yearly basis to protect networks at companies, yet headline-grabbing data breaches still occur. With security incidents impacting companies like Yahoo, LinkedIn, Friend Finder Networks, and countless of breaches affecting small to medium-sized businesses across industries, it may be time for companies to assume they’ve already been compromised.
We commonly hear about security and risk departments needing to take a proactive rather than reactive approach to securing their network. One way to tackle that task is through hunt teaming, which allows a security practitioner to find systems that have already been compromised by hackers actively.
“The longer an attacker is inside your network, the more damage they can do,” says Paul Asadoorian, CEO of Offensive CounterMeasures, founder of Security Weekly, former pentester. “If we can find these compromises sooner, we’re in much better shape.”
Here's where hunt teaming comes in. By accepting the fact that an intruder is going to be in their network and tracking down that activity, Asadoorian says that companies can stop their activity before any real damage is done.
Security teams already have their hands full as it relates to maintaining systems, addressing requests, and staying on top of evolving technology. And with management wanting costs cut and uptime to be supreme, taking this proactive approach may be a lot easier said than done.
In this video interview with Infosec Insider, Asadoorian discusses the benefits of hunt teaming as it relates to today’s threat landscape, why having a human analyst edges out automation, and what that analyst’s skill set should be.