Hill, SamanthaMaciel Paz Milani, AlessandraCurtis, CallumStarr, ArtyLarios Vargas, EnriqueDunn, MarcusStorey, Margaret-Anne2024-02-082024-02-0820232024-02-08http://hdl.handle.net/1828/15969Who are threat hunters? What does a threat hunting workflow look like? What are the challenges they face? We respond to these, and other questions based on the findings obtained through a mix of qualitative research methods, including interviews with 20 threat hunters from several sectors of industry and different parts of the globe. We discovered a rich context of threat hunting practices and tools. We will introduce several diverse personas that emerged from our research. We will discuss the tools, technologies, resources of information and communities these personas rely on, and how they work together to detect and mitigate threats. Additionally, we will briefly introduce the interview process, as well as the participant demographics.enAttribution-NonCommercial-ShareAlike 2.5 Canadacybersecuritythreat huntingpersonassecurityTechnical Report