This module provides an overview of the basic objectives, concepts and practices of cyber threat hunting. It covers how enterprises implement threat hunting and the different stages and types of threat hunts.

This module provides an overview of different types of threat actors with an emphasis on ransomware actors and Advanced Persistent Threats (APTs). It includes a number of more in-depth discussions of well-known threat actors.

This module introduces the way in which threat hunters receive and use threat intelligence, and create threat reports. It covers the concept of the Traffic Light Protocol but does not cover IoCs.

This module explores using Network Indicators of Compromise (IoCs) for proactive threat hunting. It highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities. Practical methods to identify signs of compromise in networks are covered, followed by hands-on exercises to develop threat detection skills.

This module teaches threat hunting techniques that don’t rely on known IoCs. It covers custom threat hunting, focusing on behavioral analysis and data correlation to detect advanced threats. Tools like CrowdStrike Falcon are used to apply these methods in practical scenarios.