What vulnerabilities threats should we threat hunt in our environment?

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

Post Flair (click to view more posts with a particular flair)

Other

Post Body

We have a vuln threat intel process where we take applicable CVE that are critical vulns or high vulns that has either has known exploitation or public POC and report them to the relevant team to get them patched.

I have been handed in a requirement to pass relevant vulns/CVEs to perform manual threat hunting. What kind of criteria should there be to prioritise which one should be done. E.g. If critical -> go straight to threat hunt. If actively exploited -> go straight to threat hunt. If high (and has public POC) and its RCE or ease exploitation -> go straight to threat hunt otherwise hold off for a bit.

Is there a better way to define these criteria?

Author

Account Strength

70%

Account Age

3 years

Verified Email

Yes

Verified Flair

Total Karma

783

Link Karma

397

Comment Karma

274

Profile updated: 5 days ago

VertigoRoll

Subreddit

r/AskNetsec

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.

Posted: 9 months ago
Reddit URL: View post on reddit.com
External URL: reddit.com/r/AskNetsec/c...