This course provides basic definitions, activities, and examples of teams hunting threats in the cyber domain. The course addresses the differences between hunting team activities and those of incident management teams or penetration testing teams. The content covers how hunting teams establish goals, methods used by threat hunting teams, and sources available to help read and interpret the threat landscape.
- Define threat hunting, what it means to hunt, and how to hunt as a team;
- Differentiate between hunting teams and other types of cyber security teams;
- Describe how goals influence the method and success of hunting teams;
- Recognize the types of threat analysis information available and how to interpret the facts presented;
- Understand the three types of threat models and explain one in detail