Advanced Threat Hunting

Microsoft 365 Defender uses various techniques based on machine learning for detecting malicious activities, and will in many cases trigger an alert when there is clear evidence of an attack. Nevertheless, security analysts from the baseVISION SOC should continue to proactively hunt for suspicious activities.

What is the Advanced Threat Hunting service about?

Threat hunting is an active cyber defense activity. It is the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.

Advanced hunting included in Microsoft Sentinel is a query-based threat-hunting tool that lets security analysts explore raw data up to the defined retention period within the Log Analytics workspace. Security analysts can proactively identify events on endpoints. Flexible access to data enables wide-ranging searches for known anomalies and threats defined by customers.

What will be provided with the Advanced Threat Hunting service?

Our Security Operation Center Team will provide with the Advanced  Threat Hunting service the following:

  • Periodic Threat hunting for a defined list of MITRE ATT&CK techniques across Microsoft 365 Defender Data within Microsoft Sentinel.

  • Update hunting queries to reduce false positives

  • Summary of threat hunting results

  • Notification of customer security team when identifying potential threats that require further investigation.¬†


With this SOC service, our security analysts support your organization to improve the overall security landscape. The most important benefits are the following:

  • Proactively uncover hidden security incidents

  • Provide results for measures in your infrastructure

  • Reduces business risks with early detection and elimination

  • Provides visibility into deviations and anomalies for your security analysts

Linked services and products to Advanced Threat Hunting:

Do you have a special request or want more information? We are happy to help you.