Turn your defense into offense with Developing a Threat Hunting Capability, a course designed to explore the options available to organizations for cyber threat hunting, including manual, automated and machine-assisted hunters. You will learn to identify and evaluate strategies for cyber-attack prevention and improve your preparedness for cyber threats. Lead the transformation of your company's team structures and learn new advanced security processes from a certified expert.
No Mandatory Login Times
4-6 Hours of Work per Module
“There are really three crucial areas in building a threat hunting capability: The first is knowing your environment, the second is building a good hypothesis. But the third piece, which probably is more crucial than anything else, is the after action.”
Define the activities, goals and objectives of your threat hunting capability. Identify assumptions and knowledge of your network in order to determine valid targets to hunt for. Explain key steps involved in building a threat hunting function inside your current program. Describe key ingredients for maximizing your team's threat hunting outcomes.
Describe key components of the hunt process including the role of the hypothesis in the process. Define the elements of a good hunt hypothesis. Evaluate the quality of various hunt hypotheses. Create a hunt hypothesis. Explain how available tools can become the limiting factor in developing good hypotheses. Describe the role and functionality of MITRE ATT&CK in the hunt process.
Describe the role of the maturity model as it applies to threat hunting activities. Explain key components of the hunting maturity model. Describe the relationship between the pyramid of pain and hunting maturity. Explain key steps involved in progressing your team to perform different and higher quality hunting activities.
Describe how to use metrics to measure your team's effectiveness and trends over time. Apply metrics to measure threat hunting effectiveness. Justify the investment in time and money and its value to leadership using metrics. Evaluate sample metrics.
Learn to protect against real cybersecurity threats, including FIN7 attacks, in this applied course. Enroll in Cybersecurity Cases from EmergingEd.
Learn about security information and event management (SIEM), traffic light protocol (TLP) and more. Enroll in Cyber Threat Intelligence from EmergingEd.
Learn cloud security strategies and tips for securing data and digital assets during cloud deployment. Enroll in Cloud Security from EmergingEd.
Learn key cybersecurity training strategies and develop an effective incident response plan. Enroll in Cybersecurity Risks and Industry from EmergingEd.
Learn to run red team exercises, identify resources that can be used, such as MITRE ATT&CK, and more. Enroll in Building a Red Team Capability from EmergingEd.
Learn the cyber threat landscape basics with this introductory cybersecurity course. Enroll in Cybersecurity Foundations and Frameworks from EmergingEd.
Learn the basics of network traffic analysis and threat detection from the experts at FireEye, powered by EmergingEd. Enroll today.
Jeffrey Groman, founder of Groman Consulting Group, is dedicated to helping organizations identify and resolve their greatest cybersecurity risks. Mr. Groman has worked in the security field for more than 20 years. As a cybersecurity consultant, he has guided major corporations, including banks, insurance companies and software providers through risk prevention and rapid response to incidents and security breaches.
Mr. Groman is certified in forensic analysis and application security, and previously worked with Mandiant Security Consulting Services and FireEye, providing strategic and incident response consulting to security teams and educating executives through delivery of SOC assessments. In these roles, Mr. Groman led a team of consultants and functional experts in working with a wide range of clients across multiple verticals, including NYC Health and Hospitals, Blue Cross Blue Shield Association, Ameriprise Financial, American Express, Ally, Huntington National Bank, Eaton, Caterpillar, DST Systems, Sprint and TransAmerica.
Mr. Groman is passionate about cybersecurity and partnering with clients to find solutions to complex issues. His book “Avoid These 11 Pitfalls and Minimize the Pain of Your Next Data Breach” is designed to help organizations learn from his decades of real-world experience. He has presented at Information Systems Security Association (ISSA) International, NetSecure and Infragard conferences; briefed boards of directors; conducted tabletop exercises and workshops; and helped clients build security processes to be better prepared for the inevitable.
Mr. Groman has a BS in Electrical and Computer Engineering from the University of Colorado, Boulder.