Threat Hunting: Review, Automate, and Improve
What are the follow-on tasks after completing a threat hunt? This course will teach you how to generate tangible outcomes and improve your threat hunting process.
Completing a threat hunt involves not only the hunting itself, but also producing tangible outputs that improve your organization’s security. In this course, Threat Hunting: Review, Automate, and Improve, you’ll learn to complete the threat hunting cycle with continuous automation and improvement. First, you’ll explore the reporting process and how to measure success. Next, you’ll discover how to build custom detection and automation mechanisms. Finally, you’ll learn how to employ adversary emulation to improve detections. When you’re finished with the course, you’ll have the skills and knowledge of threat hunting needed to improve the maturity of your organization’s threat hunting program.
Author Name: Brandon DeVault
Author Description:
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response…
Table of Contents
- Course Overview (1min)
- Continuous Improvement and Reporting (33mins)
- Custom Detection and Automation (34mins)
- Emulation and Detection (26mins)