Computers and servers in the United States are the most aggressively targeted systems in the world, commonly threatened by terrorists, nation states or terrorist sympathizers. Despite this growing threat level, training to counter these attacks has failed to increase in response, leaving critical information technology infrastructure exposed and vulnerable to attack.
This Cyber Threat Hunting (CTH) course utilizes a blended learning approach that balances classroom lecture, hands-on laboratory exercises and supplemental material to provide technical personnel with a strategy to proactively recognize and mitigate adversarial cyber events before they cause harm, in contrast to incident management, which is reactive. Using a CTH framework will allow for a consistent and efficient approach to identifying and responding to potential cyber threats. This approach encourages better record-keeping and the sharing of insights within security teams.
While much care is taken to protect systems, security intrusions can and do still happen. Organizations that actively seek out cyber attacks that have already infiltrated their security boundaries reduce the time that bad actors reside on their sites and effectively increase their cyber resilience.
By taking this course, participants will have an increased understanding of the cyber threat landscape for their business area and can establish a methodology to hunt for relevant system compromises to eliminate or limit their damage. Through skills-based labs they will use tools to gather cyber intel and sift through logs, network traffic, and memory to identify and triage potential threats.