The cyber threat landscape is continuously changing. Attackers develop new tactics, techniques, and procedures (TTPs) to breach and compromise systems. This requires incident response teams to be able to adapt and respond to agile, dynamic threats on a daily basis. The National Cybersecurity and Communications Integration Center’s (NCCIC)/ United States Computer Emergency Readiness Team (US-CERT) Hunt and Incident Response Team (HIRT) is the primary source of incident response and hunt services to the entire federal civilian network space and much of the Unites States critical infrastructure. In this capacity, it is necessary for HIRT to assess and adapt to the myriad of operational hurdles caused by the dynamic nature of an adversary and the uniqueness of every client network that it encounters. Foremost, a sound methodology for ad hoc deployment to client networks must be established. This methodology will serve as the foundation for all hunt and incident response operations. Integration and correlation of data from disparate sources must occur for success to be achieved. Data from hosts, network flow, infrastructure devices, and intelligence sources must all be utilized to achieve success in the field. HIRT must utilize custom hardware and software solutions and accompanying analysis and deployment methodologies for all components of the mission to work seamlessly. Next-generation incident response kits, methodologies, and workflows have been developed to combat this constantly changing threat landscape.