What is threat hunting?
Threat hunting is the act of proactively searching network systems for malware, firewall intrusions and data leakage resulting from threats that have bypassed the existing security measures, and attempting to isolate them. Threat hunting uses tools such as SIEM, IDS and malware sandboxes to detect and rectify security breaches.
At Essential InfoSec we aim to establish a threat hunting process which a student can use to effectively identify and try to resolve the problem. These steps include:
- Collecting data and processing the raw data
- Forming a hypothesis based on the analysed data
- Hunting for threats and identifying the potential threats
- Responding to the identified threats to secure the system
People involved in the process are called threat hunters and are an integral part of the IT security industry.
What is the objective of this course?
A threat hunter’s responsibility is of utmost importance in cyber security. These are the professionals who constantly look for new faults in the system and analyse the threat data gathered. This data is then used by security companies around the world to develop new anti-malware and better secure their systems.
We aim to train new threat hunters to be proficient in:
- Collecting quality data for analysis
- Mastering industry standard analysis tools
- Determining the intelligence in the threat analysis to better understand the attacker
- Developing countermeasures for potential exploits in the future