Cyber Threat Hunting is two-day in-class training on threat hunting.
This course covers the fundamentals of threat hunting; how to build
out a hunt program in your own environment; and how to identify,
define, and execute a hunt mission. The course introduces essential
concepts for network and endpoint hunting and then allows learners to
apply techniques to hunt for anomalous patterns. Hands-on activities
follow real-world use cases to identify attacker techniques. Learners
will leave the course with concrete use cases that they can leverage
to hunt in their own environment.
Throughout the course, instructors provide guidance on hunting
across typical security toolsets such as SIEM, packet capture, and
EDR; learners attending the course do not need a prior knowledge of
specific FireEye technology to benefit from the instruction, however,
lab activities are leveraged on the following FireEye technologies:
FireEye Helix, FireEye Endpoint Security (HX) and FireEye Network
Forensics (PX/IA). For example, Endpoint Hunting use cases leverage
either FireEye Endpoint Security (HX), or Helix, or both, to acquire
data used in the Hunt Mission.
Training provided by: FireEye
START DATE: November 23, 2021 9:00am GMT
END DATE: November 24, 2021 5:00pm GMT
LOCATION: ILT via WebEx. Details will be provided on
COST: US$3,000 or 3 EoD units
You may take this course in combination with the Hunt Mission
Workshop course (November 22, 2021) for the reduced total price of
$4,000 USD or 4 EOD units for both courses. Please contact us at
[email protected] if you wish to purchase a seat at this combined course.
Completion of Endpoint Investigations instructor-led
course; a working understanding of networking and network security,
the Windows operating system, file system, registry and regular
expressions, and basic experience scripting in Python (or similar) language.
Students must have access to a laptop running one of the following
browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10
or greater). Wireshark is recommended.
FireEye classes include hands-on activities in the FireEye Training
Lab. Important: Students must be able to connect to the FireEye
Training Lab. Please verify connectivity for the labs prior to the
first day of class by visiting portal.ork.training.fireeye.com and portal.sfo.training.fireeye.com. You should see
the lab login screens.
The lab is a protected environment and requires a login for access.
Once registered for class, students will receive their training lab
credentials via email. These credentials will not be activated until
the first day of class, and will expire upon class completion. Please
note that any attempts to log in prior to class commencement will fail.