Brandon DeVault

Being responsible for finding the anomalies within an environment can be a daunting task. This course will teach you how to hunt through network traffic to find malicious behavior.

Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Network Hunting, you’ll learn to hunt for specific APT techniques found in network data. First, you’ll explore the data sets and importance of centralized network collection. Next, you’ll discover how to search for phishing and C2 artifacts. Finally, you’ll learn how to detect behaviors related to lateral movement and any objectives the adversary is attempting to accomplish. When you’re finished with this course, you’ll have the skills and knowledge of network hunting needed to provide the proactive approach to security analytics.

What's inside

Syllabus

Course Overview
Normalizing the Traffic
Phishing
Command and Control
Lateral Movement
Actions on Objective

Good to know

Know what's good, what to watch for, and possible dealbreakers
Provides a hands-on, practical approach to network hunting
Focuses on detecting and analyzing malicious behavior in network traffic, making it relevant for cybersecurity professionals and security analysts
Covers essential techniques used in network hunting, such as phishing and command and control detection
Taught by Brandon DeVault, an experienced security researcher and instructor
Addresses the challenges of finding anomalies and malicious artifacts without relying solely on alerts and defensive mechanisms
Requires prior knowledge and experience in network security concepts and technologies


Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Threat Hunting: Network Hunting with these activities:
Review Computer Networking Fundamentals
Start this course with a strong understanding of foundational network concepts to enhance your learning.
  • Review your notes from a previous networking course.
  • Practice setting up a basic network with a router and switches.
Read 'Network Security Assessment' by Chris McNab
Gain a comprehensive understanding of network security assessment techniques and methodologies.
  • Purchase or borrow the book.
  • Read the book thoroughly, taking notes and highlighting important concepts.
  • Complete the exercises and review the case studies provided in the book.
Analyze Network Traffic with Wireshark
Practice using Wireshark to analyze network traffic, improving your ability to detect anomalies.
  • Install Wireshark and set up a capture environment.
  • Capture and analyze network traffic using Wireshark.
Participate in a Cybersecurity Forum
Engage with other cybersecurity professionals to exchange knowledge, share experiences, and stay updated on industry trends.
  • Identify and join online or local cybersecurity forums.
  • Actively participate in discussions, sharing your insights and asking questions.
Follow Tutorials on Threat Hunting Techniques
Enhance your knowledge by following expert tutorials that provide practical insights into threat hunting techniques.
  • Identify reputable online resources or platforms offering threat hunting tutorials.
  • Select tutorials that align with your skill level and learning objectives.
  • Follow the tutorials, taking notes and practicing the techniques demonstrated.
Develop a Network Security Playbook
Solidify your understanding by creating a comprehensive playbook that outlines network security best practices and incident response procedures.
  • Research best practices for network security and incident response.
  • Gather input from security experts and practitioners.
  • Document the playbook, including clear steps and procedures.
  • Review and refine the playbook regularly.
Develop a Threat Hunting Report
Demonstrate your ability to analyze network traffic, identify anomalies, and generate a comprehensive threat hunting report.
  • Select a specific network or environment for your threat hunting exercise.
  • Use network traffic analysis tools to collect and analyze data.
  • Identify and categorize anomalies and potential threats.
  • Write a detailed threat hunting report, including your findings, recommendations, and mitigation strategies.

Career center

Learners who complete Threat Hunting: Network Hunting will develop knowledge and skills that may be useful to these careers:
Computer Auditor
Computer Auditors assess network security and develop security management policies to help organizations protect their computer systems. This course could help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Computer Auditors who need to be able to identify and respond to security threats.
Penetration Tester
Penetration Testers assess the security of computer systems and networks by attempting to exploit vulnerabilities. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Penetration Testers who need to be able to identify and exploit security vulnerabilities.
Threat Intelligence Analyst
Threat Intelligence Analysts collect and analyze information about security threats and vulnerabilities. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Threat Intelligence Analysts who need to be able to identify and respond to security threats.
Security Manager
Security Managers are responsible for developing and implementing security policies and procedures. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Security Managers who need to be able to identify and respond to security threats.
Cybersecurity Architect
Cybersecurity Architects design and implement security solutions for organizations. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Cybersecurity Architects who need to be able to identify and respond to security threats.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information systems and data. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Information Security Analysts who need to be able to identify and respond to security threats.
Security Analyst
Security Analysts monitor and analyze computer systems and networks for security breaches and vulnerabilities. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Security Analysts who need to be able to identify and respond to security threats.
Network Security Engineer
Network Security Engineers design, implement, and maintain network security systems and devices. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Network Security Engineers who need to be able to identify and respond to security threats.
Security Consultant
Security Consultants assess the security of computer systems and networks and provide recommendations for improvement. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Security Consultants who need to be able to identify and respond to security threats.
Incident Responder
Incident Responders are responsible for responding to security incidents and breaches. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Incident Responders who need to be able to identify and respond to security threats.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain security systems and networks. This course can help you build a foundation for this role as it provides hands-on experience with threat hunting and network security analysis. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Cybersecurity Engineers who need to be able to identify and respond to security threats.
Software Engineer
Software Engineers design, develop, and maintain software systems. This course may be useful for Software Engineers who are interested in specializing in cybersecurity. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Software Engineers who want to develop secure software systems.
Computer Scientist
Computer Scientists research, design, and develop computer systems and applications. This course may be useful for Computer Scientists who are interested in specializing in cybersecurity. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Computer Scientists who want to develop secure software and systems.
Network Engineer
Network Engineers design, implement, and maintain computer networks. This course may be useful for Network Engineers who are interested in specializing in cybersecurity. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills are essential for Network Engineers who want to design and maintain secure networks.
Data Scientist
Data Scientists collect, analyze, and interpret data to solve business problems. This course may be useful for Data Scientists who are interested in specializing in cybersecurity. The course covers topics such as detecting phishing and C2 artifacts, lateral movement, and actions on objective. These skills can be applied to developing machine learning and artificial intelligence solutions for cybersecurity.

Reading list

We've selected 11 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Threat Hunting: Network Hunting.
Offers a comprehensive textbook on computer network security, covering fundamental concepts and advanced topics.
Provides a practical guide to malware analysis, covering topics such as malware collection, analysis techniques, and threat detection. It is a valuable resource for anyone looking to learn more about network hunting.
Provides a practical guide to memory forensics, covering topics such as memory acquisition, analysis techniques, and threat detection. It is a valuable resource for anyone looking to learn more about network hunting.
Provides a comprehensive overview of network forensics, covering topics such as data collection, analysis techniques, and threat detection. It is a valuable resource for anyone looking to learn more about network hunting.
Offers a comprehensive overview of network security assessment techniques and best practices.
Covers network security concepts and implementation using Python, including network traffic analysis and intrusion detection.
Provides a detailed guide to Snort, an open-source network intrusion detection system.
A classic in the field of computer security. It tells the true story of how Stoll tracked down a hacker who was spying on his computer system. It is a fascinating and informative read for anyone interested in the history of hacking and network hunting.
Provides a practical guide to penetration testing, covering topics such as reconnaissance, exploitation, and post-exploitation. It is a valuable resource for anyone looking to learn more about network hunting.
Covers advanced offensive security practices, including network exploitation and malware analysis.


Similar courses

Here are nine courses similar to Threat Hunting: Network Hunting.
Threat Hunting: Endpoint Hunting
Threat Hunting: Hypothesize and Plan
Specialized Hunts: Threat Hunting within Active Directory
Specialized Hunts: Threat Hunting within Virtual Machines
Threat Hunt with IBM Security QRadar
Network Protocols for Security: ICMP
Network Protocols for Security: TCP and UDP
Network Protocols for Security: DNS
Specialized Hunts: Threat Hunting within Mail Servers