Threat Hunting: Endpoint Hunting
Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through endpoint artifacts to find malicious behavior.
What you'll learn
Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Endpoint Hunting, you’ll learn to hunt for specific APT techniques found in endpoint data. First, you’ll explore the various endpoint data sets and how to take advantage of correlation. Next, you’ll discover how to find artifacts related to initial access, implants, and persistence. Finally, you’ll learn how to detect behaviors related to privilege escalation and credential stealing. When you’re finished with this course, you’ll have the skills and knowledge of endpoint hunting needed to provide the proactive approach to security analytics.
Table of contents
About the author
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response... more