MITRE ATT&CK Defender™ ATT&CK® Threat Hunting

Offered By: Cybrary

Tags

Threat Hunting Courses Cybersecurity Courses Mitre Att&ck Framework Courses

Course Description

Overview

Who should take this course?

This course is designed for experienced and skilled cybersecurity practitioners who are interested in hunting real-world threats to improve cybersecurity effectiveness.

What are the prerequisites for this course?

You will gain the most benefit from this course if you already have the following:

  • Completion of the MITRE ATT&CK® Defender™ (MAD) ATT&CK Fundamentals Training
  • Familiarity with Windows
  • Familiarity with a SIEM tool such as Splunk or ELK
  • Proficiency in basic networking fundamentals (OSI model and TCP/IP)

Why should I take this course?

In this course, you will gain the following capabilities:

  • Foundational education and training on TTP-based hunting
  • Define adversarial behaviors of interest
  • Articulate hypotheses and analytics that drive information needs and data collection requirements
  • Refine hypotheses and analytics to power your hunting efforts
  • Determine data requirements
  • Identify and mitigate data collection gaps
  • Implement and test analytics
  • Hunt for and detect malicious activity, then investigate it

What makes this course different from other courses on similar topics?

This course is part of the MITRE ATT&CK® Defender™ (MAD) cybersecurity training and certification program produced by MITRE's own subject matter experts. The lead instructor for this course, Steve Luke, is one of the authors of this methodology at MITRE and is truly an expert in this field. You will be learning how to leverage ATT&CK for threat hunting from the people who created the ATT&CK framework.

Why should I take this course on Cybrary and not somewhere else?

This course enables you to learn from one of the foremost experts in the field, and our on-demand format affords you the flexibility to learn at your own pace.
Syllabus

  • Threat Hunting Fundamentals
    • Threat Hunting Fundamentals Course Introduction
    • Detection Approaches
    • TTP-Based Detection
    • Prioritization
    • Methodology Overview
    • Module 1 Knowledge Check
  • Developing Hypotheses and Abstract Analytics
    • Developing Hypotheses
    • Hypotheses Considerations
    • Finding Low-Variance Behaviors
    • Researching Low-Variance Behaviors
    • Investigating Low-Variance Behaviors
    • Refining Hypotheses
    • Creating Abstract Analytics
    • Leveraging External Resources for Analytics
    • Module 2 Knowledge Check
  • Determining Data Requirements
    • Balancing Data Requirements
    • Diving into Data Sources
    • Leveraging External Resources for Data Requirements
    • Module 3 Knowledge Check

Taught by

Steve Luke and Antonia Feffer