Threat hunting, definition and framework

This is a Bachelor's thesis from Högskolan i Halmstad

Authors: Theodor Liliengren; Paul Löwenadler; [2018]

Keywords: Threat hunting

Abstract: Being pioneers comes with advantages and responsibility. The concept of threat hunting is currently being subsidized by businesses promoting their products. Additionally, there is little or no information regarding the implementation and the effects, which vary depending on the organization. Threat hunting needed an unbiased definition in accordance with employees in IT security. Consequently, the frameworks used when assessing threat hunting had to be objective. This thesis presents a definition of threat hunting, composed using impartial opinions. Furthermore, the thesis provides unique frameworks to assist when implementing and assessing threat hunting at an organization. This thesis has several areas of application: as a knowledge base for threat hunting, as the recommended practice for implementing threat hunting and as groundwork for a more comprehensive evaluation of threat hunting capabilities. Ultimately, the thesis offers unprecedented nonpartisan information and recommendations on threat hunting.

