It is with great pleasure that I launch this knowledge site on Threat Hunting to the public. After years of both working in and building SOCs, I have come to a critical conclusion: “We need to move on.” Currently, we rely too much on traditional SOC setups, which hinder our ability to adopt new mindsets and workflows. Simply put, we’ve lost the ability to be agile.

Ever since I started working in SOCs, the approach has remained the same. It’s all about escalating cases from L1 through L3 and then calling it a day. If you’re lucky, there’s some response thrown into the mix. The emphasis is on being reactive instead of proactive. Our mission is clear: the time has come to shift gears towards a proactive approach.

I hope you will join this project! Together, we can revolutionize the way we think about and execute threat hunting. Stay tuned for updates on this project!