Cyber threat hunting is a proactive, iterative, and human-centered process of finding cyber threats that are inside a network that hasn’t been caught by existing security controls. It is now possible for attackers to stay inside a network for a long time and get information and move around without anyone noticing. It’s at this point that Threat Hunting comes in to help.

Threat hunting is based on the concept of “Assumed Breach “. It helps businesses answer questions like: How do we know when we’ve been breached? What is the evidence we have for this?  And how do we use this information to improve our security?”

Using the knowledge or intelligence gained through Threat Intelligence, threat hunters can hunt down the advisories within the network and locate Indication of compromised (IoC).

Training content in general

• Introduction to Threat Hunting
• Threat Hunting Use Cases
• Hunting for The Indication of Compromise (IoC)
• Threat Hunting Methods
• Who Should Attend?

Why this workshop?

• Sophisticated threats are bypassing both perimeter and endpoint security.
• Increase the speed and accuracy of incident response
• Understand and reduce attack surface exposure / hardened network and endpoints.
• Reduce the time an adversary dwells on the network unnoticed.
• Detect/prevent the spread of the attack and lateral movement.
• Collect evidence of compromise.

Prerequisite

• Basic information security concepts should be understood.
• A working understanding of networking devices and protocols is required.
• Exposure to network monitoring and pentesting tools and methodology