Specialized Hunts: Threat Hunting within Mail Servers
Offered By: Pluralsight
Course Description
Overview
This course will teach you how you can perform threat hunting analysis on email servers.
Email Servers are crucial for the data flows within an organization. Finding security vulnerabilities before the attackers do is essential for protecting the sensitive data transmitted over emails. In this course, Specialized Hunts: Threat Hunting within Mail Servers, you will learn techniques and methods for improving your skill set in threat hunting. Throughout the course, you will get to know how to leverage different tools in performing threat hunting analysis on Email servers. First, you will learn how to find vulnerabilities related to email account enumeration. Next, you will explore how to identify if an email server is exposed to denial of service attacks. Finally, you will discover how you can leverage ElasticSearch to diagnose malicious activity in the messages reaching an email server. By the end of this course, you will improve your skill set in threat hunting, as well as your ability to find indications of compromise in email servers.
Email Servers are crucial for the data flows within an organization. Finding security vulnerabilities before the attackers do is essential for protecting the sensitive data transmitted over emails. In this course, Specialized Hunts: Threat Hunting within Mail Servers, you will learn techniques and methods for improving your skill set in threat hunting. Throughout the course, you will get to know how to leverage different tools in performing threat hunting analysis on Email servers. First, you will learn how to find vulnerabilities related to email account enumeration. Next, you will explore how to identify if an email server is exposed to denial of service attacks. Finally, you will discover how you can leverage ElasticSearch to diagnose malicious activity in the messages reaching an email server. By the end of this course, you will improve your skill set in threat hunting, as well as your ability to find indications of compromise in email servers.
Syllabus
- Course Overview 1min
- Remote Email Collection (T1114.002) 22mins
- Endpoint Denial of Service (T1499.002) 17mins
- Internal Spearphishing (T1534) 15mins
Taught by
Laurentiu Raducu
Related Courses
TOTAL: CompTIA CySA+ Cybersecurity Analyst (CS0-003)Udemy Operationalizing Cyber Threat Intel: Pivoting & Hunting
Pluralsight Threat Hunting with Yara
Pluralsight Enterprise Security: Policies, Practices, and Procedures
Pluralsight Managing and Responding to Security Events Using Azure Sentinel
Pluralsight