Prerequisite
This is a hands-on course where a working knowledge of
TCP/IP and web technologies is required. A small amount
of device programming, using Python and Ladder Diagram,
will be used.
Course Description
This intermediate-level course provides technical
personnel with a strategy to proactively recognize and
mitigate adversarial cyber events before they cause
harm, unlike incident management which is reactive.
Using a Cyber Threat Hunting (CTH) framework will allow
for a consistent and efficient approach to identifying and
responding to potential cyber threats. This approach
encourages better record-keeping and the sharing of
insights within security teams.
At the end of the course, participants will be able to:
● understand the Cyber Kill Chain steps, allowing
security teams to detect, disrupt and respond to
threats at various points in the attack process;
● describe the differences between current CTH frameworks to
provide a structured approach for threat detection;
● identify resources for tracking current cyber threats in
their organization's vertical so they have a more
focused approach to CTH;
● use the MITRE ATT&CK framework to identify the Tactics,
Techniques, and Procedures of attackers for the
development of hunting triggers;
● utilize Wireshark and tcpdump to analyze network
packets; and other objectives.
