The concept of Threat Hunting is commonly misconceived and often simplified or ignored.  This course is designed to provide insight and training into the process and methodology of Threat Hunting.  Threat hunting is the process of an experienced cybersecurity analyst proactively using manual or machine-based techniques to identify security incidents or threats that deployed detection methods didn’t catch. To be successful with threat hunting, it requires ample knowledge of different types of malware, exploits and network protocols to navigate the large volume of data; coupled with an in-depth knowledge or usable baseline of the environment’s unique characteristics in order to identify abnormal or malicious behavior.

The course is structured to give an introduction into the full definition and methods of Threat Hunting, the various analysis methods, and the adaptation of the thought process entailed with a true Threat Hunter.

The course will use the SentinelOne platform as an interactive environment in which the attendees will be able to apply those newly learned methodologies towards a simulated real-world situation modeled after various APT-level threats.