Detection-based security is inherently reactive. Detection rules identify behavior that security teams have already anticipated and modeled. While detections remain critical to security operations, they cannot account for every attacker technique, environmental change, or emerging campaign, especially when AI-driven attacks are increasing the volume and sophistication of threats that security teams must defend.
Proactive threat hunting—the practice of searching for adversary behavior before an alert fires—can help teams identify threats earlier in the attack life cycle. But threat hunting requires deep security expertise, familiarity with internal systems and individual business context, and sustained analyst attention, which makes continuous hunting difficult. For many organizations, threat hunting happens periodically during incident response engagements or after a security event rather than continuously as part of daily operations.
To make proactive hunting more accessible and integrate into your environment, we’re introducing Bits Threat Hunting, an autonomous agent in Datadog Cloud SIEM that’s designed to help teams:
Extend threat hunting coverage with AI-driven investigationsApply layered threat intelligence across security workflowsAdapt detections and investigations to their own environments
