Introducing… The Threat Hunter’s Cookbook!

Key Takeaways

  • The security experts on the SURGe team have released The Threat Hunter’s Cookbook, a hands-on guide for security practitioners that features actionable insights into threat hunting methods, ready-to-use queries, and more.
  • SURGe will be signing limited-edition hard copies of the book during Black Hat.
  • Those interested in learning more about The Threat Hunter’s Cookbook can hear from the authors during an upcoming live webinar and at .conf25.

Welcome, Chefs! Today we are excited to announce the release of The Threat Hunter’s Cookbook: a practitioner’s guide to learning, expanding, and applying your analysis repertoire for threat hunting. In this kitchen, our main ingredient is data!

Take the Next Step in Your Threat Hunting Journey

Based on the work of dozens of experts across Splunk, and written by the co-creators of The PEAK Threat Hunting Framework, this book is meant to help you take the next step in your threat hunting journey by addressing the black box of the ‘analysis’ step in your workflow. The book organizes and provides transparency to threat hunting methods — like “searching and filtering,” “sorting and stacking,” “clustering,” “grouping,” and more — through a fun, cookbook-style publication, ripe with cooking metaphors, Chef’s Pro Tips, and (hunting) recipes!

With so many ways to kick off a hunt, it can be hard to select the best approach. And even if you have tried-and-true ways for hunting, this can ultimately cap the ceiling of your potential results — and limit the chance to select the best approach for the hunt.

In addition to providing an organization and overview of the top hunting methods, The Threat Hunter's Cookbook features built-in guides, which tie back to our PEAK terminology, to help you select the optimal approach for every hunt.

From there, we offer specific recipes that take on a problem-solution-discussion format to help you learn, apply, and understand the fundamentals needed to become an SPL master chef.

Get Your Copy of The Threat Hunter’s Cookbook

As we’ve learned from PEAK (winner of the 2024 SANS Difference Makers award for Innovation of the Year), hunting is key to driving the continuous improvement of your knowledge, and in turn, your security. More creative and effective hunting is the way to accelerate and optimize this process — so don’t wait any longer, let’s get cooking!

To get started, download a copy of The Threat Hunter’s Cookbook, and if you can, join us at one of our special Cookbook events! We’ll be:

Bon appétit, and happy hunting!

/en_us/blog/fragments/the-peak-threat-hunting-framework
Style
two-column

Related Articles

Splunk Security Content for Threat Detection & Response: February 2026 Update
Security
5 Minute Read

Splunk Security Content for Threat Detection & Response: February 2026 Update

Stay ahead of cyber threats with the latest Splunk security content. Explore new analytic stories for Shadow AI, Kerberos coercion, and npm supply chain attacks.
STRT-TA03 CPE - Destructive Software
Security
5 Minute Read

STRT-TA03 CPE - Destructive Software

The Splunk Threat Research Team is monitoring several malicious payloads targeting Customer Premise Equipment (CPE) devices. These are defined as devices that are at customer (Commercial, Residential) premises and that provide connectivity and services to the internet backbone
Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data
Security
1 Minute Read

Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data

/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer