• Online, Instructor-Led

This course provides basic definitions, activities, and examples of teams hunting threats in the cyber domain. The course addresses the differences between hunting team activities and those of incident management teams or penetration testing teams. The content covers how hunting teams establish goals, methods used by threat hunting teams, and sources available to help read and interpret the threat landscape.

Learning Objectives

  • Define threat hunting, what it means to hunt, and how to hunt as a team;
  • Differentiate between hunting teams and other types of cyber security teams;
  • Describe how goals influence the method and success of hunting teams;
  • Recognize the types of threat analysis information available and how to interpret the facts presented;
  • Understand the three types of threat models and explain one in detail

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.