What needs improvement with Threat Hunting Framework?


Please share with the community what you think needs improvement with Threat Hunting Framework.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
11 Answer

Top 5 Leaderboard, Consultant

The nature of the system means it has to be implemented throughout the organization. You need to implement it on the network layer, the email layer, the web proxy layer, and also the endpoint tunnel. Monitoring the endpoint could be improved because customers are currently reluctant to get insulation from the endpoint because it requires a huge effort. We have about 40,000 endpoints and we need to have a simplified method of deployment if we're going to offer the endpoint effectively. Product features also need some improvement in creating custom signatures for detection because that is not open to customers.
