Overview What You Will Learn Curriculum Instructor

Course Overview

Threat hunting is human-driven, iterative, and systematic. It effectively reduces damage and overall risk to an organization, as its proactive nature enables security professionals to respond to incidents rapidly. The combination of dynamic intelligence, analytics, and situational awareness tools, and perpetual data monitoring, brings about a reduction in false positives and wasted time throughout the Security Operations Center.

The course begins with the basics of threat hunting and data on threat hunting. Moving on, you will understand the adversary. Further, you will learn the mapping and working of an adversary with a data adversary. Next, you will work on creating research environments. After that, you will learn how to query the data. Next, you will explore hunting the adversary. Further, you will learn the importance of documenting and automating the process. As you move on, you will explore communicating and assessing data quality. Next, you will learn to understand the output and defining good metrics to track success in threat hunting. Then you will learn tools such as firewalls, antivirus, endpoint management, network packet capture, and security information and event management (SIEM). You will also need access to threat intelligence resources so you can look up IP addresses, malware hashes, indicators of compromise (IoCs), and more. Finally, you will learn to real-world use cases to identify attacker techniques

By the end of the course, you will have the skills and knowledge to hunt for threats with various techniques when responding to security incidents.

What You Will Learn

  • Gain the foundation knowledge of the threat hunting practice.
  • Learn about the frameworks and industry standards for hunting.
  • Master how to extract, ingest, visualize, and analyze basic logs and events.
  • Discover how to enrich your findings and add intelligence to them.
  • Explore hunting the adversary.

Program Curriculum

  • What Is Threat Hunting?
  • Threat Hunter Mission
  • What Do I Need to Be a Threat Hunter?
  • Cyber Kill Chain
  • Using MITRE ATT&CK Framework to map adversary TTP
  • Exploits and Vulnerabilities
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Pyramid of Pain
  • Signatures
  • IOCs and IOAs
  • Enrichment and Threat Intelligence
  • Yara Rules
  • Chapter 2 Quiz

  • Windows Events
  • Linux logs
  • Application logs
  • Chapter 3 Quiz

  • Hunting Network Traffic
  • Shipping Network Data Using Elastic
  • Chapter 4 Quiz

  • Getting Started with Elastic Stack
  • Deploying Elastic Stack with Docker
  • Shipping Logs to the Elastic Stack
  • How to Query the Data?
  • Using Dashboards for Data Visualization
  • Chapter 5 Quiz

  • Recommended Tools for Your Research Environment
  • Chapter 6 Quiz

  • Introduction
  • Use case #1 - RDP Activities
  • Use case #2 - AV Disabled
  • Use case #3 - Credential Dump
  • Use case #4 - Suspicious PowerShell
  • Chapter 7 Quiz

  • Recap Course Topics and Conclusion
Load more modules

Instructor

Marcos Vinicios Penha

Marcos Vinicios Penha has worked in companies in south and north America over the last 20 years. His experience ranges from defensive, offensive, incident response and infrastructure security. He has a variety of certifications in different fields of cyber-security, including CEH, CISSP, CRTE, CRTP, OSCP, F5-CA, Pentest+, CySA+, CASP+, Linux+, and others. Marcos has supported many companies worldwide to fight vulnerabilities, cyber-crime and advanced persistent threats while helping them to improve their maturity, visibility and protection controls. He has solid knowledge about the following subjects: Vulnerability Management, Red teaming, Ethical Hacking and Adversary Simulation, System Hardening, Defense Evasion, Threat Hunting, Incident Response, Blue teaming, Intrusion Detection and Prevention, Endpoint Detection and Response, Next-Gen Firewalls and Web Application Firewalls, and others. Marcos has been supporting the cyber-security community participating as a speaker in a variety of events worldwide.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month

Related Courses

  • Bootstrap 4 Quick Website Bootstrap Components Course
    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches
    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course
    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS
    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training
    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes
    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally
    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

  • Mastering Ansible Playbooks: Debugging and Security
    Short Course

    Mastering Ansible Playbooks: Debugging and Security

    Software Development

    Securing and Automating Linux and Windows Systems with Advanc...

    $99.99

    Advanced

    5 hr 34 m

1 50
View all