Cyber Threat Hunting
Cyber Threat Hunting is a two-day in-class training course on threat hunting. This course covers the fundamentals of threat hunting; how to build out a hunt program in your own environment; and how to identify, define, and execute a hunt mission. The course introduces essential concepts for network and endpoint hunting and then allows learners to apply techniques to hunt for anomalous patterns. Hands-on activities follow real-world use cases to identify attacker techniques. Learners will leave the course with concrete use cases that they can leverage to hunt in their own environment.
Throughout the course, instructors provide guidance on hunting across typical security toolsets such as SIEM, packet capture, and EDR. Learners attending the course do not need prior knowledge of specific FireEye technology to benefit from the instruction; however, lab activities use the following FireEye technologies: FireEye Helix, FireEye Endpoint Security (HX), and FireEye Network Forensics (PX/IA). For example, Endpoint Hunting use cases leverage FireEye Endpoint Security (HX), Helix, or both to acquire data used in the Hunt Mission.