Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Register for CSA’s free Virtual Cloud Trust Summit to tackle enterprise challenges in cloud assurance.

Cloud Security: The Necessity of Threat Hunting

Home
Industry Insights
Cloud Security: The Necessity of Threat Hunting

Blog Article Published: 10/28/2020

By the CSA Minnesota Chapter

What is threat hunting?

Threat hunting is the proactive search for real and potential threats that may be hidden in a network’s environment. These threats are tricky and malicious and are designed to pass through endpoint defenses undetected. If unfound, these attacks can compromise critical data, even gaining access across your entire environment. While traditional security programs are important, threat hunting goes above and beyond by identifying and ultimately helping to remediate vicious attacks.

Why It Needs to Matter to YOU

This is where YOU come in. The best front-line, security defense starts with the individual. As a security professional, you must know the best practices of the industry and be aware of existence and tendencies of these (and other) types of attacks. At Cloud Security Alliance (CSA), we aim to raise awareness of best practices to help ensure a secure cloud computing environment.

Each year there are an increasing amount of cloud security roles within organizations. No matter what your security focus is, having an understanding of how a threat actor thinks, how they operate, vulnerabilities they exploit along with an overview of the tools they use for attacks will allow you to be a more effective security professional. Having a better understanding from a threat actor point of view, whether deep or high-level, will assist you and your career in the following ways:

  • Enable you to better explain security decisions to your peers, work colleagues and leaders.
  • Promote better and more informed decision-making practices.
  • Open the door to new opportunities and career paths.
  • Share experiences by mentoring our next generation of security professionals.

What YOU Can Do

First, it is crucial that you know what “normal” looks like on your network. This is where you need to create a baseline, so comparison is easier. Anything not considered normal should immediately raise a red flag. Additionally, try to remain unbiased and do not let any preconceived notions affect your judgement of what normal looks like. Anything unordinary should be flagged for investigation or potential remediation.

Knowing what normal looks like on your network is a great baseline to begin threat hunting, however, it is just the beginning. Knowledge is power, as they say, and a security professional can never be overly informed. That is why CSA has partnered with RSA. With this partnership, RSA will begin to offer ongoing virtual threat hunting workshops. These workshops will cut through all the nonsense and give you real-world, practical, hands-on knowledge of why threat hunting is a critical part of any security program and give you the tools you need to stop the most malicious attacks.

To sign-up for the Hands On Threat Hunting Workshop please follow the instructions on the following page - https://webinars.on24.com/rsa/VirtualHUHOCSAMinneapolis

Any questions about the hands-on workshop please send them to [email protected].

Cyber Incident SharingTop Threats

Share this content on your favorite social network today!

Latest from CSA
AI Summit at RSAC 2024
The State of AI and Security Survey Report
Data Resiliency Survey 2024
Trending This Week
#1 What is the Cloud Controls Matrix (CCM)?
#2 Zero Trust and AI: Better Together
#3 Test Accounts: Another Compliance Risk
#4 AI Safety vs. AI Security: Navigating the Commonality and Differences
#5 Is PQC Broken Already? Implications of the Successful Break of a NIST Finalist
Level up with Cloud Infrastructure Security Training
Related Articles:
Do You Know These 7 Terms About Cyber Threats and Vulnerabilities?

Published: 04/19/2024

7 Common Causes of Data Breach: Safeguarding Your Digital Assets

Published: 04/18/2024

From Gatekeeper to Guardian: Why CISOs Must Embrace Their Inner Business Superhero

Published: 04/15/2024

Securing Non-Human Identities: Lessons from the Cloudflare Breach

Published: 04/10/2024