This course includes practical labs that challenge the students to develop hypothesis and hunt missions in order to hunt for evidence of compromise through multiple scenarios including social engineering, network and system compromise, and APT nation-state actors. The labs are designed so that students have an opportunity to experience hunting using environments like the command line, Jupyter Notebook, and forensic tools like Velociraptor.
Learning Objectives
After this course students will be able to: • Apply cyber threat intelligence concepts to hunt for adversary activity in your environment • Establish a repeatable hunt methodology and develop hunt use cases • Leverage end point data to hunt • Establish measures of effectiveness for hunt program
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Incident Response
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.