Cyber Threat Hunting is three-day in-class training on threat
hunting. The course introduces essential concepts for network and
endpoint hunting and then allows learners to apply techniques to hunt
for anomalous patterns. Hands-on activities follow real-world use
cases to identify attacker techniques. Learners leave the course with
critical information on establishing hunt programs within their
organization, templates that can be used to document hunt missions,
and concrete use cases that they can leverage to hunt in their own environment.
Throughout the course, instructors provide guidance on hunting
across typical security toolsets such as SIEM, packet capture, and
EDR; learners attending the course do not need a prior knowledge of
specific Trellix technology to benefit from the instruction, however,
lab activities are leveraged on the following Trellix technologies:
Helix, Endpoint Security (HX) and Network Forensics (PX/IA). For
example, endpoint hunting use cases leverage either Endpoint Security
(HX), or Helix, or both, to acquire data used in the hunt mission.
Training provided by: FireEye
START DATE: August 29, 2022 9:00am CDT
END DATE: August 31, 2022 5:00pm CDT
LOCATION: ILT via WebEx. Details will be provided on
COST: US$4,400 or 4 EoD units
Completion of Endpoint Investigations instructor-led
course; a working understanding of networking and network security,
the Windows operating system, file system, registry and regular
expressions, and basic experience scripting in Python (or similar) language.
Students must have access to a laptop running one of the following
browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10
or greater). Wireshark is recommended.
If possible, we recommend using an external monitor or dual-screen
setup. This will enable you to view the class materials and virtual
lab interface simultaneously.