Threat Hunting

  • Duration: 2 days
  • Course delivery: Online/Cyber Quarter, Hereford
  • Course code: CQTH
  • Cost: £1,400 + VAT

Training course outline

Cybercrime has evolved significantly and is constantly changing its tactics and techniques. The process of identifying and proactively determining whether an intrusion is real or malicious often requires a comprehensive threat hunt process where evidence of threat activity is measured and verified. Threat hunting often amalgamates cyber threat intelligence processes with conventional security operations carried out by incident response teams. This course seeks to explore threat hunting processes based on intelligence generated from threats and vulnerabilities to better identify threat actors and their behaviour against online targets.

What will I learn?

  • Be able to identify and neutralise adversarial actions manifested against cyber assets that cannot be detected or modelled with traditional approaches
  • Carefully analyse the defence environment to find unusual activity, leveraging capabilities from existing security and monitoring tools

Who should attend this training course?

The Threat Hunting course is suitable for technically oriented delegates and security specialists who seek to develop an in-depth understanding of threat hunting processes and further develop their skills and knowledge of Cyber Threat Intelligence (CTI) and its application in proactive network defence. There are no previous learning requirements.

What does this training course cover?

  • Introduction to Threat Modelling
  • Threat Hunt Mindset
  • Threat Model Validation and Data Flow Diagrams (DFDs)
  • STRIDE and its Variants
  • Attack Trees; Cyber threat intelligence lifecycle
  • CTI Analytical Processes and Methods
  • CTI programmes: From sharing to analysing and consumption
  • Threat Modelling Tools and Experimental Approaches
  • Attack Libraries and Checklists
  • Fuzzy logic, SDL, CORAS, OCTAVE, TRIKE, T-MAP, VAST
  • Common Attack Pattern Enumeration and Classifications
  • Cyber Kill Chain and Maturity Models
  • Sample Incident Cause Analysis; Adversarial Machine learning
  • Decision Making in Intelligence Consumption
  • Open-source Intelligence (OSINT)
  • Cyber Security Modelling Languages
  • STIX Framework; Flow Analysis; Exploratory Data Analysis
  • Threat Hunting use cases
  • Value chain, PESTL, and SWOT
  • Pattern Mining Techniques

What’s included in this course?

  • Lunch and refreshments
  • Free onsite parking
  • Access to full course materials (digital copy PDF)
  • A certificate of course completion

How can I further my knowledge?

For additional training modules and more details, please contact cyberqtr@wlv.ac.uk