Module #1: Introduction to Threat Hunting - Overview of threat hunting, its importance, and the role of a threat hunter
Module #2: Understanding the Adversary - Adversary motivation, tactics, techniques, and procedures (TTPs), and the cyber kill chain
Module #3: Threat Hunting Methodologies - Overview of threat hunting methodologies, including the Diamond Model and the MITRE ATT&CK framework
Module #4: Setting Up a Threat Hunting Environment - Building a threat hunting lab, choosing the right tools, and setting up a test environment
Module #5: Network Traffic Analysis - Using network traffic analysis tools, such as Wireshark, to identify suspicious activity
Module #6: Endpoint Analysis - Analyzing endpoint data, including process execution, file access, and registry modifications
Module #7: Log Analysis - Analyzing log data from various sources, including Windows Event Logs and Unix logs
Module #8: Indicators of Compromise (IOCs) Analysis - Analyzing IOCs, including IP addresses, domains, and hashes
Module #9: Open-Source Intelligence (OSINT) Gathering - Using OSINT tools and techniques to gather information about potential threats
Module #10: Threat Intelligence Feeds and Platforms - Using threat intelligence feeds and platforms to stay informed about emerging threats
Module #11: Hunting for Malware - Using advanced techniques, such as memory forensics and API hooking, to hunt for malware
Module #12: Hunting for Lateral Movement - Identifying and analyzing lateral movement techniques, including pass-the-hash and token manipulation
Module #13: Hunting for Command and Control (C2) Activity - Identifying and analyzing C2 communication protocols and channels
Module #14: Advanced Analytics and Machine Learning - Using advanced analytics and machine learning techniques to identify patterns and anomalies
Module #15: Threat Hunting for Cloud-Based Threats - Hunting for threats in cloud environments, including AWS, Azure, and Google Cloud
Module #16: Threat Hunting for IoT-Based Threats - Hunting for threats in IoT devices and networks
Module #17: Threat Hunting for Advanced Persistent Threats (APTs) - Hunting for APTs, including nation-state sponsored threats
Module #18: Threat Hunting for Insider Threats - Hunting for insider threats, including intentional and unintentional insider activity
Module #19: Creating and Managing Threat Hunting Teams - Building and managing effective threat hunting teams, including roles and responsibilities
Module #20: Threat Hunting Tools and Technologies - Overview of threat hunting tools and technologies, including Splunk, ELK, and Apache Spot
Module #21: Threat Hunting Automation and Orchestration - Automating and orchestrating threat hunting tasks using tools such as Phantom and Demisto
Module #22: Threat Hunting for Compliance and Governance - Hunting for threats in order to meet compliance and governance requirements, including PCI-DSS and HIPAA
Module #23: Threat Hunting for Incident Response - Using threat hunting techniques during incident response, including containment and eradication
Module #24: Threat Hunting Metrics and Measurement - Defining and tracking metrics for threat hunting, including mean time to detect (MTTD) and mean time to respond (MTTR)
Module #25: Course Wrap-Up & Conclusion - Planning next steps in an Advanced Threat Hunting Techniques career