Prague 22 - 24 April 2024

Virtual training

Targeted Threat Hunting

Incidents happen. The question is when. And maybe even better question is not when it will happen, but what if it has already happened. The attack could be stealthy and undetected yet. However, we can assume that the attack is still ongoing. Now, with this mindset, lets focus on our possibilities. How we can detect the attack and verify our hypothesis? The answer is Threat Hunting.

Probably there are some reasons why we could be targeted by the specific threat actors. We can analyse the threat landscape and learn about our enemies, because our enemies are aware of us – they already started with their reconnaissance. So, we can leverage the Threat Intelligence to speedup our Threat Hunting. We can target the specific threats relevant in our context to be more specific and bring even more precision to our hunting.

This instructor-led training we will cover the necessary theory, but we will mostly focus on practise and hands-on exercises. We will take steps to prepare for the Threat Hunting such as sharpen our detection techniques based on host and network artifacts. Then, we should be able to detect the attacker’s footprint in the (lab) environment, putting the traces together and investigate the (simulated) cyber attack.

KEY TAKEAWAYS

During the training, we will:

  • discuss various Threat Hunting approaches and strategies
  • introduce Threat Intelligence basics
  • collect and prepare Indicators of Compromise and detection signatures
  • detect host-based and network-based intrusions
  • perform targeted Threat Hunting based on relevant Threat Intelligence data
Register

Trainer

Ladislav Baco

Network Analyst
Eset
Register

More info about training

DATE

14 June 2022 (Virtual, Webex/MS Teams)
9:00 – 14:00 (5 hours including small breaks)

TARGET AUDIENCE:

  • Security Specialists
  • Incident Responders
  • Blue Teamers
  • SOC Analysts
  • Forensic
  • Investigators
  • Malware Analysts

PRE-REQUISITES:

The participants should:

  • be familiar with Windows OS
  • be familiar with Linux OS (basic Linux knowledge is sufficient)
  • have a computer with at least 16 GB of RAM, 40 GB of free space on HDD/SSD and installed VirtualBox (64-bit edition)
  • have an active unfiltered network connection
    • lab virtual machines and training data will be provided in advance
    • during training we will use several online resources and cloud services
Register for training

QUBIT CONFERENCE®

HEADQUARTER:

QuBit Security, s.r.o.
J. Kozáčeka 2, 960 01
Zvolen, Slovakia

OFFICE:

QuBit Security, s.r.o.
Martinčekova 17, 821 01
Bratislava, Slovakia

info@qubitconference.com
+421 949 000 338

JOIN THE QUBIT COMMUNITY




SECURE PAYMENT
© 2013-2022 Qubit Conference, The Universe of Cyber Security - Privacy Policy - Terms & Conditions - Cookies and Web