
EP108 How to Hunt the Cloud: Lessons and Experiences from Years of Threat Hunting
Cloud Security Podcast by Google
How Do I Build a High-Quality Threat Hunt?
NIST 861 is the incident response life cycle. You're going to go ahead and prepare your threat hunt, which is kind of that detection and analysis phase of that. And then as you come out of that, you need to learn something, okay? That learning something could be, well, we hunted for something, we didn't find it. But even if you didn't find something based on your hunt, you've learned something. So let's stick in on that one, because you talked about building detection around this. I wanted to talk about how we evolved from these manual hunts, or like brain-driven things, into systematized things.