Threat Hunting: Endpoint Hunting
|
Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through endpoint artifacts to find malicious behavior.
Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Endpoint Hunting, you’ll learn to hunt for specific APT techniques found in endpoint data. First, you’ll explore the various endpoint data sets and how to take advantage of correlation. Next, you’ll discover how to find artifacts related to initial access, implants, and persistence. Finally, you’ll learn how to detect behaviors related to privilege escalation and credential stealing. When you’re finished with this course, you’ll have the skills and knowledge of endpoint hunting needed to provide the proactive approach to security analytics.
Author Name: Brandon DeVault
Author Description:
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response… more
User Reviews
Be the first to review “Threat Hunting: Endpoint Hunting”
Related Products
Developer Security Champion: OWASP Top 10
This course will teach you more about the OWASP Top 10, how it relates to security in an organization, and how it can be integrated into your everyday job functions as a developer.
IT Security Champion: Encryption
Delve into encryption, a basic of IT security, through our beginner-friendly course. This course will teach you the foundational principles of encryption, which enhances security in your organization.
API Security with the OWASP API Security Top 10
This course will teach you about unique vulnerabilities faced by web-based APIs and the defenses you’ll need to protect them.
TorchServe Vulnerabilities: What You Should Know
Q&A session discussing the TorchServe Vulnerabilities (ShellTorch), covering Remote Access, CVE-2023-43654, and CVE-2022-1471.
Talk DevSecOps to Me
This talk digs into the fundamentals of DevSecOps, exploring the key principles required to advance your security practices.
How to GRC Your DevOps
In this session, you'll learn about ways to calibrate GRC and DevOps needs so that they can work in reciprocal ways that benefit each other and not just meet their own goals in disconnected ways.
There are no reviews yet.