New Training: Proactive Threat Hunting

by Team Nuggets
Published on February 25, 2021

In this 7-video skill, CBT Nuggets trainer Jacob Moran teaches you how to establish a threat hunting hypothesis, how to profile threat actors, and how to control the attack surface area. You’ll also gain an understanding of attack vectors and learn how modern software techniques such as AI can be used to create a more successful threat hunting environment. Watch this new CompTIA training.

Watch the full course: CompTIA Cybersecurity Analyst

This training includes:

  • 7 videos

  • 33 minutes of training

You’ll learn these topics in this skill:

  • What is Proactive Threat Hunting?

  • Establishing a Proactive Threat Hunting Hypothesis

  • Profiling Threat Actors and Activities

  • Threat Hunting Tactics

  • Controlling the Attack Surface Area and Critical Assets

  • Identifying Attack Vectors

  • Leveraging Improved Detection and Integrated Intelligence

Proactive Threat Hunting and How to Get There

Humans are reactive in nature, but in the IT world they have to be proactive. Proactive Threat Hunting requires looking for threats in areas you would not expect them to be in.

In the past, threat-hunting automation relied on signature-based rules that looked for a code match. Those rules meant the threat was already out there and had possibly already done the damage. The approach was also primarily limited in scope to PCs and servers. It was not proactive, but it made things easy for IT technicians: all they had to do was apply a new definition file, and they were then looking for the new threat that someone else had already identified.

Now we need to be more proactive. IT technicians need to build a baseline image of the code, data, file hashes, etc. on all of the devices that make up the network (e.g., routers and servers). When anything changes that image outside of the norm, the change is probably being made by a threat. Use your eyes, automated processes, or AI to search through your systems and network so you can detect something hiding there before it does any damage.
