This course includes practical labs that challenge the students to develop hypothesis and hunt missions in order to hunt for evidence of compromise through multiple scenarios including social engineering, network and system compromise, and APT nation-state actors. The labs are designed so that students have an opportunity to experience hunting using environments like the command line, Jupyter Notebook, and forensic tools like Velociraptor.
Learning Objectives
After this course students will be able to: • Apply cyber threat intelligence concepts to hunt for adversary activity in your environment • Establish a repeatable hunt methodology and develop hunt use cases • Leverage end point data to hunt • Establish measures of effectiveness for hunt program
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Incident Response