Understanding Threat Hunting Personas

Date

2024-02-08

Authors

Hill, Samantha
Maciel Paz Milani, Alessandra
Curtis, Callum
Starr, Arty
Larios Vargas, Enrique
Dunn, Marcus
Storey, Margaret-Anne

Abstract

Who are threat hunters? What does a threat hunting workflow look like? What are the challenges they face? We respond to these and other questions based on the findings obtained through a mix of qualitative research methods, including interviews with 20 threat hunters from several sectors of industry and different parts of the globe. We discovered a rich context of threat hunting practices and tools. We will introduce several diverse personas that emerged from our research. We will discuss the tools, technologies, resources of information and communities these personas rely on, and how they work together to detect and mitigate threats. Additionally, we will briefly introduce the interview process, as well as the participant demographics.

Keywords

cybersecurity, threat hunting, personas, security
