What is the goal of threat hunting?

The goal of threat hunting is to proactively search for signs of malicious activity within an organization's network before they can cause harm. This involves identifying security breaches that have gone undetected by automated security systems. Organizations engage in threat hunting to enhance their ability to detect advanced persistent threats and other sophisticated attacks that traditional security measures might miss. By actively seeking out indicators of compromise, security teams can mitigate risks, respond to incidents quickly, and strengthen their overall security posture.

In contrast to identifying breaches, increasing network size, eliminating all traffic, or encrypting all data does not align with the primary objective of threat hunting. Those actions may address different aspects of security but lack the proactive approach of searching for existing threats in the environment.