Master the essentials of threat hunting: Protect your network
OffSec Learning Path: Threat Hunting Foundations
In today's complex threat landscape, reactive security is no longer enough. This hands-on Learning Path will equip you with the essential skills to proactively hunt down and neutralize adversaries. Learn to:
- Deep dive into the tactics, techniques, and procedures (TTPs) of ransomware groups, APTs, and other threat actors
- Conduct meticulous network and endpoint forensic analysis to uncover hidden threats
- Develop custom hunting strategies that go beyond relying on traditional Indicators of Compromise (IoCs)
Track down elusive attacks
This Learning Path will equip you with the fundamental skills needed to protect your organization's critical assets. You'll learn to identify and investigate threats, uncover potential attack techniques, and proactively improve your security posture by addressing vulnerabilities.
Who is this Learning Path for?
- Aspiring threat hunters seeking foundational skills
- Security analysts looking to advance their threat detection capabilities
- SOC team members aiming to master proactive threat identification
Learning objectives
- Dissect the goals, techniques, and tools of common threat actors, including ransomware groups and APTs
- Analyze network traffic and endpoint data to pinpoint malicious activity
- Understand methodologies, investigative processes, and the threat hunting mindset
- Master communication and reporting skills for efficient threat intelligence sharing
Key modules in the Threat Hunting Foundations Learning Path
Threat Hunting Concepts and Practices
- This module provides an overview of the basic objectives, concepts, and practices of threat hunting. It covers how enterprises implement threat hunting and the different stages and types of threat hunts.
Threat Actor Landscape Overview
- This module provides an overview of different types of threat actors with an emphasis on ransomware actors and Advanced Persistent Threats (APTs). It includes a number of more in-depth discussions of well-known threat actors.
Communication and Reporting for Threat Hunters
- This module introduces the way in which threat hunters receive and use threat intelligence and create threat reports. It covers the concept of the Traffic Light Protocol but does not cover IoCs.
Hunting With Network Data
- This module explores using Network Indicators of Compromise (IoCs) for proactive threat hunting. It highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities. Practical methods to identify signs of compromise in networks are covered, followed by hands-on exercises to develop threat detection skills.
Hunting on Endpoints
- This module provides an introduction to threat hunting utilizing Endpoint IoCs. It covers intelligence-based and hypothesis-based threat hunting as well as considerations that improve the effectiveness of a hunt.
Threat Hunting Foundations overview
6 modules
40+ hours of content (approx.)
11+ skills
Earning an OffSec Learning Badge
Showcase your growing Threat Hunting expertise! Upon completing 80% of the Threat Hunting Foundations Learning Path, you'll receive an exclusive OffSec badge signifying:
- Threat hunting proficiency: Demonstrate your fundamental knowledge and practical skills
- Industry recognition: Add a powerful OffSec credential to your skillset
- Real-world readiness: Prove your ability to defend against threats
Why train your team with OffSec?
Actionable skills
Practice in realistic lab environments
Comprehensive approach
Learn the full threat hunting spectrum
Attacker mindset
Anticipate adversary moves by understanding their TTPs
Start learning with OffSec
All access
Learn Unlimited
$5,799/year
Unlimited OffSec Learning Library access plus unlimited exam attempts for one year.
Large teams
Learn Enterprise
Get a quote
Flexible terms and volume discounts available.
Learn Unlimited provides individuals and organizations with unlimited access to the OffSec Learning Library. This includes all courses, content and learning paths. Learners also receive unlimited exam attempts and time in any of our hands-on lab environments.
What’s included
1 year of access to unlimited courses & content
Unlimited exam attempts during your subscription
365 days of lab access
1 year of unlimited access to all fundamental content and OffSec curated Learning Paths
PEN-103 + unlimited KLCP exam attempts
PEN-210 + unlimited OSWP exam attempts
3 downloads of course material
FAQ
- Introduction to Threat Hunting
- Understanding Threat Actors
- Communication and Reporting for Threat Hunters
- Hunting With Network Data
- Hunting on Endpoints
- Threat Hunting Without IoCs
- Get into Networking
- Get into Active Directory
- Get into Windows
- Threat Hunting Processes
- Enterprise Network and Systems
- Hypothesis Driven Threat Hunting
- APTs and TTPs for Threat Hunters
- Report Writing: Threat Hunter
- Network Traffic Analysis, Platform Monitoring
- User Behaviour Analysis
- Process Analysis
- Advanced Adversary Tactics
- Common Tools: Threat Hunter
- Common Attack Techniques: Threat Hunter
- Hands-on practice in realistic lab environments
- In-depth exploration of threat hunting concepts, tactics, and techniques
- Developing the attacker mindset to anticipate threats
Start your journey today
New to cybersecurity and want to get educated on fundamental content before signing up?
Check out Cyberversity - our free resource library covering essential cybersecurity topics.
Learn more