Security teams adapt as cybercriminals leverage AI and cloud vulnerabilities
2025 Threat Hunting Survey
Bethesda, MD, March 05, 2025 (GLOBE NEWSWIRE) — As cyber threats grow more sophisticated, organizations are rethinking their approach to threat hunting. The newly released SANS 2025 Threat Hunting Survey, led by SANS Principal Instructor Josh Lemon, reveals how security teams are adapting to combat adversaries leveraging generative AI and exploiting cloud vulnerabilities. With cybercriminals deploying stealthier tactics, the need for proactive threat detection has never been more urgent.
The survey findings will be explored in an exclusive SANS webcast on March 13, 2025, at 10:30 AM EST, offering security professionals data-driven insights into how organizations are evolving their threat hunting strategies. Free registration is available at: SANS Webcast Registration.
Key Findings from the 2025 Threat Hunting Survey:
- Threat hunting strategies are evolving: 45% of organizations now update methodologies as needed, up from 35% in 2024.
- Declining reliance on outsourcing: Organizations fully outsourcing threat hunting dropped to 30%, down from 37% last year.
- Skilled staffing shortages remain a major hurdle: 61% of respondents cite workforce limitations as a primary challenge to success.
- Shift in ransomware activity: Ransomware detections declined from 63% to 46%, but targeted exfiltration remains a top concern at 57%.
- Nation-state actors rely on stealth: 76% of organizations report encountering Living off the Land (LOTL) techniques, unchanged from last year.
- Increased investment in staffing: 40% of organizations are increasing staffing investment (10% or more), while 31% report no planned changes.
- Rise in internally built threat-hunting tools: Commercial tool usage dropped to 58% (from 70%), while reliance on in-house tools grew to 48%.
- Organizations prioritize vendor research: 76% of organizations turn to vendor blogs and whitepapers as their primary source of threat intelligence.
- Top tools for threat hunting: EDR/XDR remains the leading solution, followed by SIEM and NDR.
“Threat hunters must master Living off the Land (LOTL) techniques – this year’s report found that 76% of nation-state actors, 59% of ransomware groups, and 44% of espionage attackers use these methods to evade detection. Traditional defenses often miss these stealthy techniques, making proactive threat hunting essential,” said Josh Lemon, SANS Principal Instructor.
Join the Webcast for Exclusive Insights
The SANS 2025 Threat Hunting Survey webcast will provide critical insights for security analysts, CISOs, and cybersecurity professionals seeking to refine their threat detection strategies. Attendees will gain data-driven recommendations, expert analysis, and practical takeaways to stay ahead of adversaries in today’s rapidly shifting threat landscape.
Date: Thursday, March 13, 2025
Time: 10:30 AM EST / 14:30 UTC
Location: Online Webcast (Free Registration Required)
Register Here: SANS Webcast Registration
Attachment
CONTACT: Jenn Elston SANS Institute 301-654-7267 press@sans.org
- Keep America Beautiful® Celebrates Earth Day with Coast-To-Coast Cleanups as Momentum Builds for Historic National Litter Reduction Goal - April 22, 2025
- CMVC Acquires Orlando Medical Institute, Expanding Its Healthcare Education Portfolio with Paramedic and Emergency Medical Programs - April 22, 2025
- Greene County Bancorp, Inc. Reports Net Income of $8.1 Million for the Quarter Ended March 31, 2025 and Reaches New Milestone of $3.0 Billion in Assets - April 22, 2025
