
CSX THREAT HUNTING

The Cybersecurity Nexus (CSX) Threat Hunting Course (CTHC) provides students with an understanding of cybersecurity threat hunting and a set of skills, techniques, and tactics which they can implement to identify and combat known threats and protect against potential unidentified threats on a system of responsibility. Students will work with real systems in real environments and will leverage forensics, attack techniques, custom scripts, and specific toolsets to complete tasks in a cybersecurity environment. Upon completion, students will be able to proactively leverage their new skill set to identify and combat threats within networks and systems, valuable traits in the cybersecurity field.
CONTENT:
Introduction to Threat Hunting (Lesson)
- Gain an overall understanding of threat hunting;
- Understand the importance of threat hunting;

Threat Hunting Methodology (Lesson)
- Learn the process of threat hunting before attempting threat hunting;

The Threat Landscape (Lesson)
- Learn and identify organizational threats;
- Learn and identify global threats;

Exploitation and Threat Creation (Lab/Instructional)
As a threat hunting specialist, it is your responsibility to understand the offensive side of cybersecurity in order to strengthen an organization's defensive position. In this lab, students will exploit a Windows Server system in order to understand how vulnerabilities can be used maliciously.

Memory Forensics (Lesson)
- Learn about the history and need for memory forensics;

Memory Forensics (Lab/Instructional)
In this lab we will take a look at the memory dump we did earlier and do some pretty cool forensics against that dump. In most enterprise environments, organizations have host-based agents on most devices that can perform memory dumps on the fly, which allows you, the threat hunter, to pick a device or group of devices, say “I’d like a memory dump of that device or those devices, please”, and get it pretty quickly. For smaller environments, you may have to go to each device and perform the dump individually, as we have with this Windows virtual machine. That will take more time, but either way, you’ll know how to do it!

Network Forensics (Lesson)
- Learn about network forensics;
- Discover the tools to use while conducting Network Forensics;
- Get a packet analysis primer;

Network Forensics (Lab/Instructional)
In this lab we will look at the memory dump we did earlier and do some pretty cool forensics against that dump. In most enterprise environments, organizations have host-based agents on most devices that can perform memory dumps on the fly, which allows you, the threat hunter, to pick a device or group of devices, say “I’d like a memory dump of that device or those devices, please”, and get it pretty quickly. For smaller environments, you may have to go to each device and perform the dump individually, as we have with this Windows virtual machine. That will take more time, but either way, you’ll know how to do it!

Incident Response Detection and Threat Hunting (Lesson)
- Discover the intel that Threat Hunting can provide;
- Learn the benefits of an incident response team;
- Utilize Threat Hunting in Incident Response;

Creating and Investigating Browser Attacks (Lab/Instructional)
As a threat hunting specialist, it is your responsibility to both create and investigate attacks for educational and action-taking purposes. In order to strengthen your company's security, you will need to understand the fundamentals of browser exploits, how they take advantage of vulnerabilities, and how to mitigate the possibility of this happening to your company.

Enterprise Threat Hunting (Lesson)
- Discover the nuances for threat hunting in an enterprise environment;
- Learn the tools that can be used for big data Threat Hunting;

Zeek (Bro) for HTTP Threat Hunting (Lab/Instructional)
As a cybersecurity professional specializing in threat hunting, it will be your responsibility to use Zeek in order to cut and examine log files. This data can provide experts with the critical information needed to identify HTTP threats and other potential malicious activity.

PowerShell (Lesson)
- Find out how PowerShell can be utilized to conduct Threat Hunting;

Threat Hunting with PowerShell (Lab/Instructional)
As a threat hunting specialist, it is your responsibility to understand the offensive side of cybersecurity in order to strengthen an organization's defensive position. In this lab, you will exploit a Windows Server system in order to understand how vulnerabilities can be used maliciously.

Evasion Techniques (Lesson)
- Discover the basic evasion techniques used by malware;
- Find out the tools used in order to obfuscate and evade common IDS/IPS;

Covert Communications Examination (Lab/Instructional)
As a threat hunting cybersecurity practitioner, you will need to focus a lot of your attention on what an exploit looks like when attackers use encryption for exfiltration. It will be your responsibility to act as both the attacker and the victim during an investigation process.

Threat Hunt Challenge 1 (Challenge Lab)
As a threat hunting specialist, it is your responsibility to understand the offensive side of cybersecurity in order to strengthen an organization's defensive position. In this lab, you will exploit a Windows Server system in order to understand how vulnerabilities can be used maliciously.

Threat Hunt Challenge 2 (Challenge Lab)
As a threat hunting expert, it will be your responsibility to apply your skills and abilities to investigate. Your customer is not aware of an attack but thinks there are competitors who seem to be making very similar products. This is a hunt to see if there are any issues. You will need to use your memory forensics skills in order to figure out whether there is anything to be concerned about.

LEVEL:

ADVANCED

DOMAIN:

DETECT

PRICE:

400,00 € + VAT

CREDITS: 18 CPE for maintaining ISACA certifications
