Upskilling Training
Threat Hunting
Cyber threat hunting is an active cyber defence activity. Threat hunting uses known adversary behaviours to proactively examine the network and endpoints in order to identify new data breaches.
This in-depth threat hunting course provides SOC analysts, Incident Response Team members and Threat Hunting Teams with advanced skills to hunt down, identify, counter, and recover from a wide range of threats within enterprise networks, including APT nation-state adversaries, organized crime syndicates, and hacktivists. The course uses a hands-on lab to lead you through challenges and solutions, making extensive use of best-of-breed investigative tools.
English
Duration: 4 Days
All employees who want to know how to detect, investigate, fix and recover systems that have been compromised at the endpoints of the organization. Especially for:
Introduction to Threat Hunting
Incident Response
Risk Assessment
What is threat intelligence?
What is digital forensics?
Threat Hunting/Intelligence Simulation
Threat Hunting Terminology
ATT&CK - MITRE's Adversarial Tactics, Techniques, and Common Knowledge
Threat Intelligence
Open Standards for Threat Information Sharing
Threat Sharing & Exchanges
Vendors
Introduction to Endpoint Hunting
Identification of Compromised Systems
Hunting with PowerShell
Malware Overview
Hunting Malware
Malware Persistence Identification
Event IDs, Logging, and SIEMs
Introduction to Network Hunting
Suspicious Traffic Hunting
SIEMs (ELK & Splunk)
The Hunting ELK
This is an advanced course. Solid knowledge of attack techniques, networking, and malware investigations, including network and forensic investigations, is also a prerequisite for attending this course.