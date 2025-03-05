Bethesda, MD, March 05, 2025 (GLOBE NEWSWIRE) -- As cyber threats grow more sophisticated, organizations are rethinking their approach to threat hunting. The newly released SANS 2025 Threat Hunting Survey, led by SANS Principal Instructor Josh Lemon, reveals how security teams are adapting to combat adversaries leveraging generative AI and exploiting cloud vulnerabilities. With cybercriminals deploying stealthier tactics, the need for proactive threat detection has never been more urgent.

The survey findings will be explored in an exclusive SANS webcast on March 13, 2025, at 10:30 AM EST, offering security professionals data-driven insights into how organizations are evolving their threat hunting strategies. Free registration is available at: SANS Webcast Registration.

Key Findings from the 2025 Threat Hunting Survey:

Threat hunting strategies are evolving: 45% of organizations now update methodologies as needed, up from 35% in 2024.

45% of organizations now update methodologies as needed, up from 35% in 2024. Declining reliance on outsourcing: Organizations fully outsourcing threat hunting dropped to 30%, down from 37% last year.

Organizations fully outsourcing threat hunting dropped to 30%, down from 37% last year. Skilled staffing shortages remain a major hurdle: 61% of respondents cite workforce limitations as a primary challenge to success.

61% of respondents cite workforce limitations as a primary challenge to success. Shift in ransomware activity: Ransomware detections declined from 63% to 46%, but targeted exfiltration remains a top concern at 57%.

Ransomware detections declined from 63% to 46%, but targeted exfiltration remains a top concern at 57%. Nation-state actors rely on stealth : 76% of organizations report encountering Living off the Land (LOTL) techniques, unchanged from last year.

: 76% of organizations report encountering Living off the Land (LOTL) techniques, unchanged from last year. Increased investment in staffing: 40% of organizations are increasing staffing investment (10% or more), while 31% report no planned changes.

40% of organizations are increasing staffing investment (10% or more), while 31% report no planned changes. Rise in internally built threat-hunting tools: Commercial tool usage dropped to 58% (from 70%), while reliance on in-house tools grew to 48%.

Commercial tool usage dropped to 58% (from 70%), while reliance on in-house tools grew to 48%. Organizations prioritize vendor research: 76% of organizations turn to vendor blogs and whitepapers as their primary source of threat intelligence.

76% of organizations turn to vendor blogs and whitepapers as their primary source of threat intelligence. Top tools for threat hunting: EDR/XDR remains the leading solution, followed by SIEM and NDR.

“Threat hunters must master Living off the Land (LOTL) techniques – this year's report found that 76% of nation-state actors, 59% of ransomware groups, and 44% of espionage attackers use these methods to evade detection. Traditional defenses often miss these stealthy techniques, making proactive threat hunting essential,” said Josh Lemon, SANS Principal Instructor.

Join the Webcast for Exclusive Insights

The SANS 2025 Threat Hunting Survey webcast will provide critical insights for security analysts, CISOs, and cybersecurity professionals seeking to refine their threat detection strategies. Attendees will gain data-driven recommendations, expert analysis, and practical takeaways to stay ahead of adversaries in today’s rapidly shifting threat landscape.

Date: Thursday, March 13, 2025

Time: 10:30 AM EST / 14:30 UTC

Location: Online Webcast (Free Registration Required)

Register Here: SANS Webcast Registration

