This module provides an overview of the basic objectives, concepts and practices of cyber threat hunting. It covers how enterprises implement threat hunting and the different stages and types of threat hunts.

This module provides an overview of different types of threat actors with an emphasis on ransomware actors and Advanced Persistent Threats (APTs). It includes a number of more in-depth discussions of well-known threat actors.

This module explores using Network Indicators of Compromise (IoCs) for proactive threat hunting. It highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities. Practical methods to identify signs of compromise in networks are covered, followed by hands-on exercises to develop threat detection skills.

This module provides an introduction to cyber threat hunting utilizing Endpoint IoCs. It covers intelligence-based and hypothesis-based threat hunting as well as considerations that improve the effectiveness of a hunt.

This module teaches threat hunting techniques that don’t rely on known IoCs. It covers custom threat hunting, focusing on behavioral analysis and data correlation to detect advanced threats. Tools like CrowdStrike Falcon are used to apply these methods in practical scenarios.