Threat Hunter

A Threat Hunter uses advanced hunting strategies that go beyond traditional passive detection techniques such as signatures and even behavioural analysis.

01 - ABOUT THE COURSE

Our content is aligned with the in-demand skills required in industry, with rapid, continual development, so that learners become highly sought-after members of industry. Our focus is on workforce “development”, long-term career growth, and challenging traditional placement systems and services. This is an advanced course, available only to those who have a minimum of 6 months' experience as a Cyber Security Analyst.

As the title suggests, a Threat Hunter uses advanced hunting strategies that go beyond traditional passive detection techniques such as signatures and even behavioural analysis. Throughout this course you’ll be introduced to these advanced strategies, and discover how to conduct a hypothesis-driven hunt based on current threat intelligence.

With the dwell time of cyber threat actors in our networks still hovering between 49 and 99 days before discovery, there is a huge need to improve cyber threat protection and detection – and a massive opportunity for a skilled Threat Hunter to make their mark within their own work environment and in the global cyber security environment.

Threat hunting naturally falls under defensive security, and the role is commonly referred to as a tier 3 analyst within a SOC.

Threat Hunting, unlike passive, alert-driven defence, is a form of active defence driven by threat intelligence. Threat Hunters can quickly assess a company's most valuable data, the crown jewels, and the threat actors likely to target it. They can then immediately begin hunting in these locations and discover threats far earlier than conventional passive defences would pick them up.

02 - COURSE OUTLINE

Introduction to Threat Hunting

Threat Hunting Prerequisites

Threat Hunting Methodology

Scoping - Requirements and Environment

Generating Hypotheses to drive a Threat Hunt

The Cyber Kill Chain and MITRE ATT&CK Framework

  Module Overview - CKC and MITRE ATT&CK
  The Cyber Kill Chain and MITRE ATT&CK
  What is the Cyber Kill Chain
  Introduction to the MITRE ATT&CK Framework
  MITRE ATT&CK Framework Walkthrough
  Windows Logging MITRE ATT&CK
  End of Module Quiz
  MITRE ATT&CK Assessment

Data Sources for a Threat Hunter

  Module Overview - Data Sources
  Data Sources
  Data Sources Analysis Methods
  Data Sources - Where they Exist
  The External Perimeter - Fundamentals of Web Log Analysis
  bWAPP User Agent Assessment Overview
  bWAPP Assessment
  End of Module Quiz
