Threat Hunting
Understand the fundamentals of threat hunting, and learn how to build your own methodology for effective hunting across your infrastructure.
In this module, we’ll tackle ways to hunt known Tactics, Techniques and Procedures (TTPs) using different methodologies of threat hunting. You will learn to effectively differentiate benign and malicious activity from a large dataset of logs ingested in a SIEM. Additionally, you will be tasked to hunt and investigate scenarios that typically occur in real life.
0%
Threat Hunting: Introduction
Behind the scenes of Threat Hunting - mindset, process, and goals.
0%
Threat Hunting: Foothold
Hunting suspicious activities indicating initial user or host compromise.
0%
Threat Hunting: Pivoting
Hunting suspicious activities indicating threat propagation across the infrastructure.
0%
Threat Hunting: Endgame
Learn how to hunt and discover suspicious activities indicating actions on objectives.
0%
Hunt Me I: Payment Collectors
A Finance Director was recently phished. Can you hunt the logs and determine what damage was done?
0%
Hunt Me II: Typo Squatters
One of your software developers unknowingly installed a malicious software. Can you trace back the root cause?
Need to know
Log Analysis
Log analysis is collecting, parsing and processing log files and turning data into actionable knowledge to detect security threats and anomalies and identify system performance issues.
Advanced Splunk
Understand advanced Splunk capabilities to search data for anomalies by creating complex search queries, applying regex, and creating presentable reports and dashboards.
Advanced ELK
Learn about the main components of the ELK stack by going through the installation and configuring process and linking them together to form an effective log analysis utility.
What are modules?
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
