Specialized Hunts: Threat Hunting within Databases

Threat actors target databases for persistence, privilege escalation, and data theft. This course will teach you how to hunt for, investigate, and detect real threats within enterprise databases using practical, hands-on techniques.

by Sean Wilkins

Get started

What you'll learn

Databases are common targets for attackers aiming to steal sensitive data, escalate privileges, or establish persistence, yet most environments struggle to detect these specific threats quickly. In this course, Specialized Hunts: Threat Hunting within Databases, you’ll learn how to proactively identify and investigate malicious activities within enterprise database systems. First, you’ll explore methods to detect brute-force attacks and credential abuse by analyzing authentication logs in detail. Next, you’ll discover ways to find unauthorized account creation, privilege alterations, and the removal of legitimate admins using system catalogs and audit trails. Finally, you’ll learn how to hunt for suspicious or unauthorized access to sensitive tables and data within your databases. Upon completing this course, you’ll have the skills and knowledge necessary for database threat hunting to detect, investigate, and respond to real attacks in your environment.

About the author

Sean Wilkins

Sean Wilkins is an accomplished networking consultant and writer for infoDispersion (www.infodispersion.com) who has been in the IT field for over 20 years working with several large enterprises.

More Courses by Sean

Specialized Hunts: Threat Hunting within Databases

What you'll learn

Table of contents

Brute-force Logins: Detecting and Investigating Credential Attacks Learning 13m

Unauthorized Account Creation: Hunting for Persistence and Escalation Learning 13m

Legitimate Admin Removed: Detecting Privilege Suppression and Insider Actions 9m

Suspicious Access to Sensitive Data: Detecting Unusual Data Retrievals Learning 11m

About the author