- understand what threat hunting is,
- be utterly convinced of the need for it,
- know what infrastructure is required to facilitate it,
- be able to start doing it with confidence within their own organizations.
Contents of the training:
During the 2-day hands-on training, participants learn how to hunt hackers within our Windows 10 lab network, using a range of highly effective threat hunting technologies and techniques. Technologies used: Sysmon, the Elastic stack (formerly “ELK”), WinRM, PowerShell, YARA.
Everybody who needs to know more about what threat hunting is, why it is necessary, what is required to start doing it, and how it should be done. Appropriate roles include: CISOs, Security Managers, SOC staffers, Incident Responders, Forensic Analysts and System Administrators.
To maximize value to the attendee, prior HOHE participation is highly recommended, but not mandatory.
The trainers engage participants with lectures, live demonstrations and Q&A sessions. Each participant spends the majority of their time performing a wide variety of hands-on hunts.