Threat Hunting Evolution: From Sqrrl Cycle to PEAK Framework

Explore the evolution of threat hunting frameworks in this 50-minute conference talk from RSA Conference. Learn how David Bianco, Staff Security Strategist at SURGe by Splunk, reflects on the creation of the Sqrrl Threat Hunting Cycle in 2015 and identifies its shortcomings. Discover the PEAK framework, which incorporates nearly a decade of additional lessons and experience to address these issues. Gain insights into shifting focus away from incidents and detections, and uncover strategies to maximize the potential of your hunting program beyond what was previously thought possible.

I Screwed Up Threat Hunting a Decade Ago and Now We're Fixing it With PEAK