Intelligence-Driven Threat Hunting

Overview

Designed as a follow-on to the Paralus Applied Threat Intelligence Course, this course helps organizations that have already incorporated cyber threat intelligence (CTI) into security operations move from a reactive posture to an active hunt stance against attackers. With the foundations of CTI in place, organizations can work to train, engage, and empower security personnel to leverage knowledge and adversary operational profiles to build robust, intelligence-driven hunt programs.

This course addresses the following items:

  • The fundamentals of threat hunting within security operations.
  • Hypothesis development, testing, and evaluation as part of a knowledge- and intelligence-driven hunting program.
  • Differentiating between internal and external hunting operations, including production of internal threat intelligence for operational consumption.
  • Reporting and recording fundamentals and the critical aspect of knowledge maintenance and longevity for sustainable hunting activity.
  • Building threat hunt teams within the context of classical security operations center (SOC) and incident response (IR) roles.

Syllabus

The course outline and syllabus are available for download here.