A cybersecurity analyst is contributing to a team hunt on an organization’s endpoints.
Which of the following should the analyst do FIRST?
A. Write detection logic.
B. Establish a hypothesis.
C. Profile the threat actors and activities.
D. Perform a process analysis.
Reference: https://www.cybereason.com/blog/blog-the-eight-steps-to-threat-hunting