At its core, threat hunting is much like real-life hunting. It requires a demanding set of skills: patience, observation, reasoning, and the ability to track deviations from the norm. Generally speaking, most organizations have some level of defensive controls or security mitigations deployed in and around the environment, based on their understanding of the threats they most commonly face or are most susceptible to.
But with the constantly evolving nature of the threats and tactics used by attackers, it's likely that some will go undetected despite the mitigations that are in place. Hence, it's imperative to have a process in place to proactively hunt for threats in the environment based on known attack patterns, network/application anomalies, and hunt hypotheses.
The objective of threat hunting is to actively identify existing compromises and threats that are otherwise unknown to deployed security capabilities...