Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SOC Modernization Protect your organization against modern-day threats.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Contact us Visit the contact us page
Chronicle Return to the Chronicle homepage
Security Operations Platform arrow_forward expand_more
Security Operations Platform

Explore the Security Operations Platform for the modern SOC.

Security Operations Platform
Overview Detect, investigate, and respond to cyber threats with speed, scale, and precision.
Detect Detect threats with confidence by storing and analyzing all your security telemetry at Google scale.
Investigate Get faster insights with context and depth of investigation to stay ahead of the latest breaches.
Respond Orchestrate tools, build automation, and collaborate with ease to respond in minutes.
Solutions arrow_forward expand_more
Solutions

Reimagine your security operations with affordable solutions.

Solutions
Overview Level up your security team’s performance with four powerful solutions.
SOC Modernization Protect your organization against modern-day threats.
SIEM augmentation Eliminate security blindspots and expand automation.
Cloud detection & response Improve investigation and response to cloud-based threats.
Service providers Attract new customers and keep existing ones coming back.
Solutions for Small to Mid-Sized Business Expert resources for organizations with up to 2000 employees
Why Chronicle arrow_forward expand_more
Why Chronicle

Rely on a modern approach to threat detection and response.

Why Chronicle
How we’re different Add Google speed, scale and intelligence to your SOC.
Our customers Discover how modern security teams use Chronicle.
Partners
Resources arrow_forward expand_more
Resources

Get to know us better. Find out what we’ve learned, what’s new, and what’s next.

Resources
Blog Get an inside view of the digital security landscape.
Knowledge Base Sortable whitepapers, datasheets, videos, and more.
Community Join security pros sharing SecOps content and best practices
Mandiant Incident Response Visit the Mandiant Incident Response page
Support Visit the Google Cloud Support hub
Careers Browse open positions at Chronicle
Mandiant is now part of Google Cloud. Learn More Mandiant is now part of Google Cloud. .
Fastest Two Minutes in SecOps: Threat hunting [Part 2] [Video]
Dan Kaplan
Content Marketing, Google Cloud Security
October 26, 2022
Join our security roadshow
Chart your course to be safer with Google
RSVP RSVP

So, you want to threat hunt? Proactive missions to identify malicious activity that is hidden from plain sight–and traditional detection tools and methods—is an obvious practice to undertake, if not a mandatory one.

While the threats that may be lurking in your environment undetected likely comprise only a small proportion of your overall attack landmass, they are potentially the most damaging because they are unknown, ongoing and unremediated—and likely being waged by skilled adversaries.

In Part 1 of our “Fastest Two Minutes in SecOps” on threat hunting, Google Cloud Principal Strategist John Stoner laid the groundwork for why threat hunting has become such a sought-after discipline for organizations wanting to be more proactive in their self-defense.

In this next round, he gets down to brass tacks with a quick-hit rundown of how you should approach a hunt (there are three common methods), how to be focused with your hunt strategy, why you should follow the scientific method for every hunt, and the one day of the week on which you may want to avoid starting a hunt.

After you’re done watching below, check out the newly launched Mandiant Breach Analytics for Chronicle, which can be a key tool in your hunting efforts as it is continuously monitors events in Chronicle SIEM for current, relevant indicators of compromise (IOCs) and applies contextual information and machine learning to prioritize the matches.

Let’s work together

Ready for Google-speed threat detection and response?

Contact us Visit the contact us page