Advanced Network Threat Hunting w/ Chris Brenton
4 Sessions – 4 Hour Classes
Instructor: Chris Brenton
Includes: Live presentation, PDF copy of all of the slides, hands-on labs, pcaps of multiple C2 channels for analysis
So far we’ve had over 10,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course!
We will spend most of this class analyzing pcap files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
- Identify tools and processes for network threat hunting
- How to set up a threat hunting environment
- Threat score system to prioritize artifacts
- Leveraging network findings to pivot into a forensic analysis
WHO SHOULD TAKE THIS COURSE
- Security analysts looking to hone their threat hunting skills
- Junior analysts looking to advance their security careers
- Environments needing to quickly identify compromised systems
- Analysts needing to protect IoT and IIoT environments
AUDIENCE SKILL LEVEL
- Access to an Ubuntu 16.04 LTS system
- Four cores, 16 GB RAM, 50 GB of free storage under the /home directory
- Ubuntu system can be a dedicated system, VM or public cloud IaaS server
- Internet access
- The ability to connect to the Ubuntu system via SSH
- A system capable of participating in the video conference
WHAT A STUDENT SHOULD BRING
- A desire to learn and lots of questions!
WHAT STUDENTS WILL BE PROVIDED WITH
- Slide deck
- VMs with all labs
- 6 months Cyber Range access
TRAINER & AUTHOR
Please keep an eye on the Training Schedule page for when this course will be offered next.