Adversary Tactics - Detection
Tired of "detecting" a breach only after an incident is already under way? Hunt operations focus on proactively searching for malicious threat actors and closing the gap between initial infection and detection. Many security solutions attempt to prevent the initial compromise or to detect known post-exploitation activity, but skilled attackers can bypass them. This course will teach you how to create threat hunting hypotheses and execute them in your environment to proactively search for attacker indicators that your existing security solutions have not identified.
In this course, you will:
- Build a comprehensive hunt hypothesis.
- Assess the quality and coverage of your data sources.
- Develop metrics to track the effectiveness of your hunt program.
- Perform basic triage procedures for suspicious activity.
- Practice in a simulated enterprise network against real advanced adversary techniques and malware samples.
- Collect extensive Windows host telemetry and metadata using built-in and open source tools.
- Efficiently analyze the gathered data to detect threat actor post-exploitation techniques.
Skills / Knowledge
- Defense
- Forensics