Threat Hunting: Network Hunting
|
Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through network traffic to find malicious behavior.
Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Network Hunting, you’ll learn to hunt for specific APT techniques found in network data. First, you’ll explore the data sets and importance of centralized network collection. Next, you’ll discover how to search for phishing and C2 artifacts. Finally, you’ll learn how to detect behaviors related to lateral movement and any objectives the adversary is attempting to accomplish. When you’re finished with this course, you’ll have the skills and knowledge of network hunting needed to provide the proactive approach to security analytics.
Author Name: Brandon DeVault
Author Description:
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response… more
Table of Contents
- Course Overview
1min - Normalizing the Traffic
19mins - Phishing
13mins - Command and Control
28mins - Lateral Movement
16mins - Actions on Objective
10mins
User Reviews
Be the first to review “Threat Hunting: Network Hunting”
Related Products
PCI DSS: Restricting Access to Cardholder Data
Requirements 7, 8 & 9 of PCI DSS version 3.2.1 are to Implement Strong Access Control Measures for logical and physical cardholder data. You'll understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
Microsoft Information Protection and Compliance: Implementing Information Protection
Unlock data protection mastery with this course. Learn how to manage sensitive info, classify data, apply label policies, and implement email encryption in Microsoft Purview.
Android 4 Security: Effective Permission Handling
Permissions play a key role in guarding user privacy and data for Android apps. This course will give you a deep understanding of how permissions work, how to request permissions, and how to avoid accidental data leaks when using permissions.
OS Analysis with Wazuh 4
Want to learn how to detect process-level and file-level attacks? How about automatically blocking data exfiltration over a C2 channel? If so, you're in the right place! In this course you will learn OS Analysis using Wazuh.
Data Security Champion: Secure Transfer Protocols
Learn to protect data integrity. This course will teach you about secure data transfer protocols.
PCI DSS: Infrastructure Security
The first two requirements of PCI DSS version 3.2.1 are to build and maintain secure networks and systems. You'll learn to understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
There are no reviews yet.