We may earn an affiliate commission when you visit our partners.
Brandon DeVault

What are the follow-on tasks after completing a threat hunt? This course will teach you how to generate tangible outcomes and improve your threat hunting process.

Read more

What are the follow-on tasks after completing a threat hunt? This course will teach you how to generate tangible outcomes and improve your threat hunting process.

Completion of a threat hunt involves not only the hunting, but ensuring tangible outputs to improve your organization's security. In this course, Threat Hunting: Review, Automate, and Improve, you'll learn to complete the threat hunting cycle with continuous automation and improvement. First, you'll explore the reporting process and how to measure success. Next, you'll discover how to build custom detection and automation mechanisms. Finally, you'll learn how to employ adversary emulation to improve detections. When you're finished with the course, you'll have the skills and knowledge of threat hunting needed to improve the maturity of your organization's threat hunting program.

Enroll now

What's inside

Syllabus

Course Overview
Continuous Improvement and Reporting
Custom Detection and Automation
Emulation and Detection
Read more

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Brings together threat hunting concepts, enabling students to have a foundational base in threat hunting and detection
Allows students to learn from Brandon DeVault, who is well known as a security researcher and creator of the MITRE ATT&CK Framework
Provides students with multiple options for improving the outcome of a threat hunt through threat detection, automation, and emulation
Content is delivered across video lectures, readings, and discussions, which can accommodate different learning styles and preferences
Completion of this course qualifies students to receive a certificate, which can be beneficial for career enhancement
This course may be a good choice for individuals who have some prior experience with threat detection and want to improve their skills.

Save this course

Save Threat Hunting: Review, Automate, and Improve to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Threat Hunting: Review, Automate, and Improve with these activities:
Practice reporting basics
Review the basics of reporting to solidify foundational knowledge that is essential for effective threat hunting.
Browse courses on Incident Reporting
Show steps
  • Review types of reporting documents
  • Examine report structure and layout
  • Practice reporting on mock threats
Identify a mentor in the threat hunting field
Offers guidance and insights from experienced practitioners.
Browse courses on Threat Hunting
Show steps
  • Network with professionals in the threat hunting field
  • Identify potential mentors who align with your interests
  • Reach out and request mentorship
Participate in a threat hunting discussion forum
Facilitates knowledge sharing and exposure to diverse perspectives in threat hunting.
Browse courses on Threat Hunting
Show steps
  • Join a threat hunting discussion forum
  • Read and engage in discussions
  • Share knowledge and experiences
Seven other activities
Expand to see all activities and additional details
Show all ten activities
Attend a threat hunting workshop
Provides hands-on experience and in-depth knowledge in threat hunting.
Browse courses on Threat Hunting
Show steps
  • Research and identify relevant threat hunting workshops
  • Register and attend the workshop
  • Participate actively in discussions and exercises
Detection automation exercises
Develop proficiency in designing and implementing automated detection mechanisms to strengthen threat hunting capabilities.
Browse courses on Threat Detection
Show steps
  • Explore automation tools and techniques
  • Build custom detection rules
  • Test and refine detection mechanisms
  • Integrate detection mechanisms with threat hunting tools
Write a report on threat hunting findings
Provides experience in documenting and communicating threat hunting results.
Browse courses on Threat Hunting
Show steps
  • Review threat hunting findings
  • Organize and structure the report
  • Write a clear and concise report
Analyze threat hunting data in Splunk
Develops proficiency in using Splunk for threat hunting.
Browse courses on Splunk
Show steps
  • Load threat hunting data into Splunk
  • Create and run searches to identify potential threats
  • Analyze search results and determine false positives
Emulation techniques tutorial
Enhance threat detection capabilities by exploring advanced emulation techniques and their application in threat hunting scenarios.
Browse courses on Adversary Emulation
Show steps
  • Review principles of adversary emulation
  • Understand emulation tools and frameworks
  • Practice employing emulation techniques
Build a threat hunting tool using Python
Builds practical skills in threat hunting and Python programming.
Browse courses on Python
Show steps
  • Research threat hunting Python libraries
  • Design and develop a threat hunting script
  • Test and evaluate the script
Contribute to an open-source threat hunting tool
Provides practical experience in threat hunting and open-source development.
Browse courses on Threat Hunting
Show steps
  • Identify an open-source threat hunting tool
  • Review the tool's codebase and documentation
  • Make and submit a code contribution

Career center

Learners who complete Threat Hunting: Review, Automate, and Improve will develop knowledge and skills that may be useful to these careers:
Information Security Analyst
An Information Security Analyst is responsible for protecting an organization's information assets from unauthorized access, use, disclosure, disruption, modification, or destruction. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help an Information Security Analyst to develop the skills needed to improve the security of an organization.
Cybersecurity Analyst
A Cybersecurity Analyst is responsible for protecting an organization's computer systems and networks from cyberattacks. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Cybersecurity Analyst to develop the skills needed to improve the security of an organization.
Cloud Security Analyst
A Cloud Security Analyst is responsible for protecting an organization's cloud-based assets from unauthorized access, use, disclosure, disruption, modification, or destruction. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Cloud Security Analyst to develop the skills needed to improve the security of an organization.
Computer Forensics Analyst
A Computer Forensics Analyst is responsible for collecting, analyzing, and interpreting digital evidence from computers and other devices. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Computer Forensics Analyst to develop the skills needed to improve the security of an organization.
Network Security Analyst
A Network Security Analyst is responsible for protecting an organization's network from unauthorized access, use, disclosure, disruption, modification, or destruction. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Network Security Analyst to develop the skills needed to improve the security of an organization.
Security Engineer
A Security Engineer designs, implements, and maintains security systems to protect an organization's data and networks. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Security Engineer to develop the skills needed to improve the security of an organization.
Security Analyst
A Security Analyst is responsible for monitoring and analyzing security systems to identify and mitigate threats. They also work to ensure that an organization's security systems are up-to-date and effective. The Threat Hunting: Review, Automate, and Improve course can help a Security Analyst to develop the skills needed to improve the security of an organization.
Data Scientist
A Data Scientist is responsible for collecting, analyzing, and interpreting data to identify trends and patterns. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course can help a Data Scientist to develop the skills needed to improve the security of an organization.
Threat Intelligence Analyst
A Threat Intelligence Analyst gathers and analyzes data to assess and understand the threats to an organization. This role involves identifying and tracking potential threats, as well as creating reports and providing guidance on how to mitigate these threats. The Threat Hunting: Review, Automate, and Improve course can help a Threat Intelligence Analyst to develop the skills needed to assess and understand threats.
Information Technology Auditor
An Information Technology Auditor is responsible for auditing an organization's information systems and processes to ensure that they are secure and compliant with regulations. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course may be useful for an Information Technology Auditor to develop the skills needed to improve the security of an organization.
Systems Administrator
A Systems Administrator is responsible for managing and maintaining an organization's computer systems and networks. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course may be useful for a Systems Administrator to develop the skills needed to improve the security of an organization.
Database Administrator
A Database Administrator is responsible for managing and maintaining an organization's databases. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course may be useful for a Database Administrator to develop the skills needed to improve the security of an organization.
Network Administrator
A Network Administrator is responsible for managing and maintaining an organization's networks. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course may be useful for a Network Administrator to develop the skills needed to improve the security of an organization.
Software Engineer
A Software Engineer is responsible for designing, developing, and maintaining software applications. They work to identify and mitigate threats, and to improve the overall security of an organization. The Threat Hunting: Review, Automate, and Improve course may be useful for a Software Engineer to develop the skills needed to improve the security of software applications.
Incident Responder
An Incident Responder leads the determination of the scope and impact of security breaches, as well as formulating a plan for reporting these events. They are responsible for determining the weakest areas in a network, as well as for establishing measures to prevent breaches in these areas. The Threat Hunting: Review, Automate, and Improve course may be useful, as it can help an Incident Responder to understand how to effectively improve the security of a network.

Reading list

We've selected five books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Threat Hunting: Review, Automate, and Improve.
This practical guide offers hands-on techniques and tools for threat hunting in real-world environments, focusing on threat detection and incident response
Provides a fascinating look at the human element of security. It provides insights into how attackers can exploit human weaknesses to gain access to systems and data. It valuable resource for anyone looking to improve their security awareness.
Provides a comprehensive overview of network security assessment. It covers topics such as vulnerability assessment, penetration testing, and security audits. It valuable resource for anyone looking to improve their network security skills.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Threat Hunting: Review, Automate, and Improve.
Threat Hunt with IBM Security QRadar
Most relevant
Threat Hunting: Hypothesize and Plan
Most relevant
Specialized Hunts: Threat Hunting within Active Directory
Most relevant
Threat Hunt with PowerShell
Most relevant
Specialized Hunts: Threat Hunting within Virtual Machines
Most relevant
Threat Hunting: Endpoint Hunting
Most relevant
Threat Hunting: Network Hunting
Most relevant
Specialized Hunts: Threat Hunting within Mail Servers
Most relevant
Advanced Threat Hunting and Incident Response
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser