Until AI advertising gets it right
I think we're either very safe from T-1000 assassins, or we're all collateral damage.
My home network also has a teenage son, teenage daughter, and a wife.
Between the shared network, shared browsers, shared YouTube, television logged into my accounts, and whatever else is out there (Friendster chats?), I have quite the eclectic suggested content and ad feed.
You can usually tell what is me.
History, Star Wars, and DS9 stuff? Definitely me.
There are also these cool knot tutorials.
The knot people get me; that is AI working really well.
Then I get the Japanese cartoons, teenage heartthrob stuff, and purses and such for the wife.
The emo phase seems to come and go, though it seems to be gone for now.
Which is a shame, because moving from a dress ad to a big hair band show was shocking and refreshing.
You know, back when men were men, strutting around in big hair, makeup, skin-tight leggings, and platform shoes.
I don't know who any of these "famous?" people are nowadays. I’m unimpressed.
Whatever happened to Ja Rule? He knows what’s up.
There are two genres of threat hunting:
One, where you basically have no historical information to go on. If it has a funny hacker name or signatures in a database, then that's just chasing old thrift store or re-gifted malware. This is the sexy stuff, but it is a unicorn.
Then I see people use the term "threat hunting" for chasing stuff that has nice pretty threat intel documentation, IOCs (Indicators of Compromise - think, recipes for how to find the hacker based on their last victims), and known bad programs.
I don't throw shade at that type of "threat hunting", even though purists would call that chasing old stuff.
The fact that this use case exists, and is valuable, demonstrates how bad the EDR/XDR alert model has become.
AI has a bright future here, I think.
The work of tracking down KNOWN attacks is drudgery, and it is overwhelming security teams.
Ironically, the biggest pressure I see behind hackers NOT implementing heavy automation is that wide-scale criminal operations can still get by without implementing their own AI extensively.
If they are happy with lower revenue returns (aka, ransomware) with mediocre automation that gets caught 50% of the time, then why spend the money implementing more aggressive automation?
Also, you can realistically only extort someone so many times. Liquidity (or return to liquidity) represents the biggest speed brake on repeated ransomware attacks. It is all about the Benjamins.
Cyber Crucible is of course chasing a permanent solution with pre-emptive security that doesn't use signatures.
There is still an emerging market for just organizing all of the old attacks, as AI gets better.
But think of EDR/XDR vendors like gas lamps or the horse industry: neither was excited to see electric lamps or cars emerge, and both fought for market share as long as possible.
There is a strong market for just trying to make the EDR/XDR data more useful while those technologies are phased out or evolved, kicking and screaming.
Obviously, ad-focused AI hasn't figured out I am not the person looking at boy bands or K-pop (that is Korean Pop, for those without kids).
So cybersecurity AI analytics aren't going to do better for a while, but there is absolutely value in horse and buggy accessories for a long time.


