Security News > 2021 > June > Like Their Adversaries, Threat Hunters Need Anonymity
How can we be sure that threat hunters stay safe, and don't themselves become a threat to the systems they protect?
Conducting threat intelligence and incident response from unsecure locations can expose threat hunters to discovery by the very hackers they are chasing and opens up technical, legal and governance challenges.
Even when threat hunters work outside the company network, adversaries are becoming more sophisticated, especially in their use of social engineering techniques.
For threat researchers who work for Fortune 100 organizations, critical infrastructure, etc.
If an adversary knows their malware is being analyzed, threat hunters will lose their ability to trace its source and activity, and defend against it.
A safe, obfuscated, sandbox allows threat hunters to continue their work, but it does not pose legal and security risks for the organization.