We may earn an affiliate commission when you visit our partners.
Brandon DeVault

Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through endpoint artifacts to find malicious behavior.

Read more

Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through endpoint artifacts to find malicious behavior.

Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Endpoint Hunting, you’ll learn to hunt for specific APT techniques found in endpoint data. First, you’ll explore the various endpoint data sets and how to take advantage of correlation. Next, you’ll discover how to find artifacts related to initial access, implants, and persistence. Finally, you’ll learn how to detect behaviors related to privilege escalation and credential stealing. When you’re finished with this course, you’ll have the skills and knowledge of endpoint hunting needed to provide the proactive approach to security analytics.

Enroll now

What's inside

Syllabus

Course Overview
Endpoint Data Sets
Access and Implants
Persistence
Read more
Privilege Escalation and Credential Stealing
Impossible Login

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Teaches threat hunting techniques for endpoint data, which is valuable for IT professionals in cybersecurity
Covers initial access, implants, persistence, privilege escalation, and credential stealing, which are key areas in endpoint hunting
Explores correlation between various endpoint data sets, which is essential for effective threat hunting
Taught by Brandon DeVault, an experienced instructor in endpoint hunting
May require prior knowledge or experience in endpoint hunting or security analysis

Save this course

Save Threat Hunting: Endpoint Hunting to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Threat Hunting: Endpoint Hunting with these activities:
Connect with Cybersecurity Professionals
Expand your professional network and learn from experienced cybersecurity professionals by attending industry events and joining online communities.
Browse courses on Networking
Show steps
  • Attend industry conferences and meetups to connect with other cybersecurity professionals.
  • Join online forums and discussion groups related to threat hunting and endpoint security.
Review computer forensics and incident response concepts
Review key concepts and techniques in computer forensics and incident response to strengthen your foundational knowledge for this course.
Browse courses on Computer Forensics
Show steps
  • Revisit textbooks and course materials from previous courses or certifications in computer forensics and incident response.
  • Go through online resources and articles to refresh your understanding of key concepts and industry best practices.
Explore Threat Hunting Techniques and Tools
Enhance your understanding of threat hunting techniques and tools to proactively identify and neutralize potential threats.
Browse courses on Threat Hunting
Show steps
  • Follow online tutorials or courses on threat hunting methodologies and best practices.
  • Experiment with open-source threat hunting tools and platforms to gain hands-on experience.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Practice Endpoint Analysis with Wireshark
Develop your skills in analyzing endpoint traffic using Wireshark to enhance your ability to detect and investigate threats effectively.
Browse courses on Wireshark
Show steps
  • Set up a lab environment with Wireshark and capture network traffic from an endpoint.
  • Analyze captured traffic to identify malicious patterns, suspicious connections, and potential threats.
  • Use Wireshark filters and plugins to enhance your analysis and detection capabilities.
Attend a Threat Hunting Workshop
Gain practical experience and expand your knowledge by attending a workshop specifically focused on threat hunting.
Show steps
  • Research and identify reputable threat hunting workshops or conferences.
  • Register for a workshop that aligns with your learning goals and interests.
Develop a Threat Hunting Playbook
Solidify your understanding of threat hunting principles and processes by creating a comprehensive playbook that outlines your approach to proactive threat detection and response.
Browse courses on Incident Response Plan
Show steps
  • Gather information and research best practices for threat hunting.
  • Define the scope, objectives, and methodologies of your threat hunting program.
  • Document step-by-step procedures for threat detection, investigation, and response.
Contribute to Open-Source Threat Hunting Projects
Deepen your understanding of threat hunting tools and contribute to the cybersecurity community by participating in open-source projects.
Browse courses on Open Source
Show steps
  • Identify open-source threat hunting tools and projects that align with your interests.
  • Join the project's community and contribute your skills and expertise.

Career center

Learners who complete Threat Hunting: Endpoint Hunting will develop knowledge and skills that may be useful to these careers:
Malware Analyst
Malware Analysts are responsible for analyzing malware to identify its capabilities and behavior. The course Threat Hunting: Endpoint Hunting can provide Malware Analysts with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Malware Analysts who need to be able to quickly identify and analyze malware.
Security Engineer
Security Engineers are responsible for designing, implementing, and maintaining an organization's security systems. The course Threat Hunting: Endpoint Hunting can provide Security Engineers with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Security Engineers who need to be able to quickly identify and respond to security threats.
Systems Administrator
Systems Administrators are responsible for managing and maintaining an organization's computer systems and networks. The course Threat Hunting: Endpoint Hunting can provide Systems Administrators with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Systems Administrators who need to be able to quickly identify and respond to security threats.
Security Analyst
Security Analysts are responsible for monitoring and analyzing an organization's security systems and data to identify and respond to security threats. The course Threat Hunting: Endpoint Hunting can provide Security Analysts with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Security Analysts who need to be able to quickly identify and respond to security threats.
Network Security Engineer
Network Security Engineers are responsible for designing, implementing, and maintaining an organization's network security systems. The course Threat Hunting: Endpoint Hunting can provide Network Security Engineers with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Network Security Engineers who need to be able to quickly identify and respond to security threats.
Forensic Analyst
Forensic Analysts are responsible for investigating security breaches and incidents. The course Threat Hunting: Endpoint Hunting can provide Forensic Analysts with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Forensic Analysts who need to be able to quickly identify and investigate security breaches and incidents.
Incident Responder
Incident Responders are responsible for responding to security incidents and breaches. The course Threat Hunting: Endpoint Hunting can provide Incident Responders with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Incident Responders who need to be able to quickly identify and respond to security incidents.
Penetration Tester
Penetration Testers are responsible for testing an organization's security systems and infrastructure to identify vulnerabilities. The course Threat Hunting: Endpoint Hunting can provide Penetration Testers with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Penetration Testers who need to be able to quickly identify and exploit vulnerabilities.
Cryptographer
Cryptographers are responsible for developing and using encryption algorithms to protect data. The course Threat Hunting: Endpoint Hunting may be useful for Cryptographers who want to specialize in cybersecurity. The course provides hands-on experience in hunting for malicious behavior using endpoint data, which is a critical skill for Cryptographers who want to develop and use encryption algorithms to protect data from security threats.
Computer Scientist
Computer Scientists are responsible for designing, developing, and implementing computer systems and applications. The course Threat Hunting: Endpoint Hunting may be useful for Computer Scientists who want to specialize in cybersecurity. The course provides hands-on experience in hunting for malicious behavior using endpoint data, which is a critical skill for Computer Scientists who want to develop secure systems and applications.
Information Security Manager
Information Security Managers are responsible for managing an organization's information security program. The course Threat Hunting: Endpoint Hunting can provide Information Security Managers with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Information Security Managers who need to be able to quickly identify and respond to security threats.
Cybersecurity Consultant
Cybersecurity Consultants provide advice and guidance to organizations on how to improve their security posture. The course Threat Hunting: Endpoint Hunting can provide Cybersecurity Consultants with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for Cybersecurity Consultants who need to be able to quickly identify and assess threats to an organization's network.
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is responsible for overseeing an organization's information security program. The course Threat Hunting: Endpoint Hunting can provide CISOs with the skills and knowledge they need to be successful in their role. The course teaches how to hunt for malicious behavior using endpoint data, which is a critical skill for CISOs who need to be able to quickly identify and respond to security threats.
Threat Intelligence Analyst
An organization's security landscape is constantly evolving. The Threat Intelligence Analyst plays a vital role in identifying and assessing threats to an organization's information assets. The course Threat Hunting: Endpoint Hunting may be useful for those who want to enter the field of Threat Intelligence. The course provides hands-on experience in hunting for malicious behavior using endpoint data. This experience can be helpful for Threat Intelligence Analysts who need to be able to quickly identify and assess threats to their organization's network.
Data Scientist
Data Scientists are responsible for analyzing data to identify patterns and trends. The course Threat Hunting: Endpoint Hunting may be useful for Data Scientists who want to specialize in cybersecurity. The course provides hands-on experience in hunting for malicious behavior using endpoint data, which is a critical skill for Data Scientists who want to develop models and algorithms to detect and prevent security threats.

Reading list

We've selected six books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Threat Hunting: Endpoint Hunting.
Provides an introduction to endpoint forensics and covers various methods for detecting malware hidden in memory.
Offers a practical guide to Windows forensic analysis, covering various techniques for acquiring and analyzing digital evidence.
Provides a hands-on approach to penetration testing techniques and ethical hacking methodologies.
Provides a comprehensive overview of network security, including techniques used by attackers and strategies for defending against them. It serves as a valuable resource for gaining a broader understanding of the security landscape.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Threat Hunting: Endpoint Hunting.
Threat Hunting: Network Hunting
Most relevant
Threat Hunting: Hypothesize and Plan
Most relevant
Specialized Hunts: Threat Hunting within Active Directory
Most relevant
Specialized Hunts: Threat Hunting within Virtual Machines
Most relevant
Threat Hunt with IBM Security QRadar
Most relevant
Specialized Hunts: Threat Hunting within Mail Servers
Most relevant
Threat Hunting: Review, Automate, and Improve
Most relevant
Network Protocols for Security: ICMP
Most relevant
Network Protocols for Security: TCP and UDP
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser