Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Suite arrow_forward expand_more
Security Operations Suite

Explore the Security Operations Suite for the modern SOC.

Security Operations Suite
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
SIEM Eliminate security blindspots and fight threats with the speed and scale of Google.
SOAR Orchestrate, automate, and collaborate with ease to respond to threats in minutes, not days.
Threat intelligence Stay ahead of adversaries with Google’s unparalleled threat intelligence.
Marketplace Explore pre-packaged use cases and hundreds of integrations.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SecOps transformation Accelerate business transformation and maximize threat coverage.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Events Find out where you can interact with us or learn more live.
News Read what the media are saying about Chronicle.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Suite arrow_forward expand_more
Security Operations Suite

Explore the Security Operations Suite for the modern SOC.

Security Operations Suite
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
SIEM Eliminate security blindspots and fight threats with the speed and scale of Google.
SOAR Orchestrate, automate, and collaborate with ease to respond to threats in minutes, not days.
Threat intelligence Stay ahead of adversaries with Google’s unparalleled threat intelligence.
Marketplace Explore pre-packaged use cases and hundreds of integrations.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SecOps transformation Accelerate business transformation and maximize threat coverage.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Events Find out where you can interact with us or learn more live.
News Read what the media are saying about Chronicle.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Mandiant is now part of Google Cloud. Learn More Mandiant is now part of Google Cloud. .
Fastest Two Minutes in SecOps: Threat hunting [Part 2] [Video]
Dan Kaplan
Content Marketing, Google Cloud Security
October 26, 2022
Join our security roadshow
Chart your course to be safer with Google
RSVP RSVP

So, you want to threat hunt? Proactive missions to identify malicious activity that is hidden from plain sight–and traditional detection tools and methods—is an obvious practice to undertake, if not a mandatory one.

While the threats that may be lurking in your environment undetected likely comprise only a small proportion of your overall attack landmass, they are potentially the most damaging because they are unknown, ongoing and unremediated—and likely being waged by skilled adversaries.

In Part 1 of our “Fastest Two Minutes in SecOps” on threat hunting, Google Cloud Principal Strategist John Stoner laid the groundwork for why threat hunting has become such a sought-after discipline for organizations wanting to be more proactive in their self-defense.

In this next round, he gets down to brass tacks with a quick-hit rundown of how you should approach a hunt (there are three common methods), how to be focused with your hunt strategy, why you should follow the scientific method for every hunt, and the one day of the week on which you may want to avoid starting a hunt.

After you’re done watching below, check out the newly launched Mandiant Breach Analytics for Chronicle, which can be a key tool in your hunting efforts as it is continuously monitors events in Chronicle SIEM for current, relevant indicators of compromise (IOCs) and applies contextual information and machine learning to prioritize the matches.

Let’s work together

Ready for Google-speed threat detection and response?

Contact us Visit the contact us page