What is the purpose of threat hunting?

Effective threat hunting shortens the time between intrusion and detection, allowing attackers to cause less harm.

What are the 5 steps of threat hunting?

The 5 steps of threat hunting are: Hypothesis Collect and Process Intelligence and Data Trigger Investigation Response/Resolution

What are the most difficult aspects of threat hunting?

For most SOCs, the price of licences and data storage make collecting and storing all security data for real-time and historical analysis too expensive. Querying enormous amounts of data might take a long time to respond to.

What tool may be used in threat hunting?

Security Monitoring Tools- Firewalls, antivirus, and endpoint security solutions are examples of security monitoring technologies that collect data and monitor the network. SIEM Solutions- Security Information and Event Management (SIEM), assist in the handling of raw security data and enable real-time threat analysis.

What is the broad definition of threat hunting?

Threat hunting is the practise of locating potential attackers before they can launch an assault. Threat hunting is a proactive strategy that blends human analysis and instinct with security technologies, analytics, and threat information.

Threat Hunting Professional Training Course

Threat Hunting Professional Online Training Course

Read Reviews

The Threat Hunting Training course with Infosectrain helps you achieve a deep understanding of Threat Hunting techniques and the role of Threat Hunters. Our training course is designed with the in-depth concepts of Threat Hunting methods that helps you to get certified for the Cyber Threat Hunting Professional exam.

Threat Hunting Course Description

Overview:

Threat hunting techniques have enhanced over years. Organizations are using advanced techniques to identify the threats with skilled threat hunters before any damage or loss takes place. Our Threat Hunting Professional Online Training Course empowers your skills and helps to understand the threats and their objectives.

InfosecTrain has curated a Threat Hunting Professional online training course that gives you the skills to proactively hunt for threats and become a stealthier penetration tester. Our expert trainers will teach you the principles and process of threat hunting and the step-by-step instructions are provided to hunt for threats in the network.

This course is a Preliminary course for most of the Professional Threat Hunting Certifications(eCTHPv2,CCTHP,Threat Hunter training course – Group-IB)

Why Threat hunting Training Course with InfoSecTrain?

InfosecTrain is one of the finest security and technology training and consulting organizations, focusing on a range of IT security training and Information Security services. InfosecTrain offers complete training and consulting solutions to its customers globally. Whether the requirements are technical services, certification, or customized training, InfosecTrain is consistently delivering the highest quality and best success rate in the industry.

We offer entire certification-based training.
We have certified and highly experienced trainers who have an in-depth knowledge of the subject.
Our training schedule is flexible and we also provide recordings of the lectures.
We deliver post-training support.
We also bring forth an interactive Q & A session.

Target Audience

Software Engineers
IT Managers
Cyber Security Analysts
Network Security Engineers
Red Team Members / Penetration Testers
Incident Response Team Members

Pre-requisites

Familiarity with Windows and Linux at log level
Basics of Networking
Comprehensive understanding of Information Security and its terms
Experience in Cyber Security is highly recommended

1800-843-7890 (India)
Call Now

GET A FREE DEMO CLASS

Threat Hunting Course Objectives

At the end of the course, you will be able to:

Define threat hunting and its objectives to the organization
Implement the threat mission to identify, and automate the hunting process
Understand the use cases for the hunting program
Develop the hunt missions for threat hunting
Grab the endpoints and network for hunting

Threat Hunting Course Content

Introduction to Threat Hunting

What is Threat Hunting?
What is Threat Intelligence?
5 Whys of Threat Hunting
Introduction to Endpoint Threat Hunting
Introduction to Network Threat Hunting

Threat Hunting Basics

Log Analysis(Perimeter devices, Endpoints, Security Solutions)
Basics of Malware Analysis
Types of Threat Hunting(Intel Driven, Hypothesis Driven, Request Driven, Hybrid Hunting)
Digital Forensics and Incident Response
Detection of LOLBins & GTFOBins
Hunting based on OSI Layers
Brief Introduction to Windows Logging and Internals
Brief Introduction of TH Frameworks
- MITRE ATT&CK
- Diamond Model
- Cyber Kill Chain
Basics of Log Forensics
OSINT for Threat Hunting
YARA Rules

Network Threat Hunting

Networking Primer from Security standpoint
Network Based Attacks and in depth analysis
Port based attacks and hunting
Netmon for Threat Hunting
Packet Analysis & Tools
- Live Network Captures
- Port Mirroring
- Network Tap
- MAC Floods
- ARP Poisoning
- Netmon
- Wireshark
- Suspicious Traffic Hunting: ARP,ICMP,TCP,DHCP,DNS,HTTP/HTTPS, Unknown Traffic Hunting, Hunting WebShells
Network Forensics:
Protocol Anomalies 101
Network Threat analysis:SSH,DNS,ICMP Tunneling analysis
Command and Control detection
Injection attacks detection.
Case Study

Endpoint Threat Hunting

Introduction to Endpoint Threats
Event IDs and Logging
Primer on Windows Processes and threats
In-depth understanding of Event IDs and Threat Hunting based on them.
LOLBins and GTFOBins
Sysmon for Threat Hunting
Primer on Malware Analysis
Hunting Macros, Mimikatz and Remote Threads using Sysmon & ELK stack
Hunting with Powershell
Persistence Hunting
Case Study

MITRE ATT&CK based Threat Hunting and Detection

Detailed Introduction to ATT&CK Framework
Matrices/Platforms
Tactics,Techniques and Sub-Techniques
- Data Sources and Detections
Groups and Software
- Ransom Case Study and Hands on Analysis-2 hours
- ATT&CK Based Hunting with ELK-Lab-3 Hours
Introduction to D3FEND Framework
- Defense mechanisms
Mapping Defense mechanisms with Attack vectors
- Implementing Defense Mechanisms-Lab-2 Hours

Tools to be learnt

SIEM/ELK Stack for Threat Hunting
Python for Threat Hunting
MITRE ATT&CK framework

Lab

Labs at end of Every Module
Final Lab/Capture the Flag Event with 50+ Threat Hunting Challenges(Ranging from Basic to Advanced)

Bonus Content

Interview Prep
Lab VM give away
Custom built list/repository of openly available resources
Custom built MindMaps of Frameworks and Major concepts discussed in the course ex:MITRE ATT&CK and D3F3ND

System Requirements

4-bit Intel i5/i7 2.0+ GHz processor or equivalent
8GB of RAM
Ability to run at least (1) virtual machine using Virtual Box, or an equivalent virtualization software
Windows 10 or later, macOS 10 or later, or Linux
Local administrator privileges

Need customized curriculum? Talk to Advisor

Explore

Network Security Training Online Course

Explore

Pentester Combo Training & Certification Course

Explore

Active Directory Pentest Courseware Online Training

Explore

Threat Hunting Our Course Advisor

BHARAT MUTHA

10+ Years Of Experience

SME - Blue Team

10+ years of experience with all round knowledge of all information security domains ranging from Vulnerability Assessment, Penetration Testing to Application Security, Threat Analysis, and from Security Solutions, Identity & Access Management to Governance, Risk & Compliance.

SANYAM NEGI

9+ Years Of Experience

Sanyam is an Information Security Consultant & Trainer with 9+ years of hands-on experience in Security Testing, Cloud Security and DevOps. He is adept at designing tailored training programs and courseware on Security Solutions for various organizations.

Here is What people are saying about InfosecTrain

Sourabh Maha

India

cot The training was awesome. Helped me clear my concepts and also reduced my preparation time to 1/3rd. Thank you, trainer, for all your dedication to bring your gladiators to pace.

Rudraram Sai Kiran

United Kingdom starnew

cot The trainer is a great presenter/tutor and teaches in a relaxing manner. His sense of humor and honesty about the task ahead for the newbie help make the challenging subject matter accessible. Thank you very much! I had been looking forward to this workshop for weeks, and it exceeded my expectations! I have learned a lot. ... Read More

William Kimuhu

Kenya

cot I loved the training. Coming for more soon. The trainer is easily reachable and helpful.. I loved the staggered payment option given.

Gourav chaturvedi

cot I must say the admin team is excellent and punctual. The trainers are actually the nerve of the team and know how to engage with the students across all the topics.