Threat Hunting: Network Hunting

Focused View

Brandon DeVault

1:29:49

83 View

Exercise Files

threat-hunting-network-hunting.zip

Module 1 - Course Overview

1. Course Overview.mp4

01:48

Module 2 - Normalizing the Traffic

1. Who Are You and Where Are We.mp4

01:55

2. Importance of Centralized Correlation.mp4

03:31

3. Reviewing the Network Layout and Baselining.mp4

04:27

4. Demo - Exploring the Dashboards.mp4

09:06

Module 3 - Phishing

1. The Approach.mp4

03:43

2. Demo - SMTP Email Headers Analysis.mp4

08:12

3. Remediating Email.mp4

01:45

Module 4 - Command and Control

1. Many Flavors.mp4

02:41

2. Demo - Hunting through Certificates.mp4

07:25

3. What Does That Tell Us.mp4

01:43

4. Demo - Theres More to the Story.mp4

09:35

5. The Last Piece.mp4

01:44

6. Demo - HTTP Payloads.mp4

03:09

7. All the Artifacts.mp4

01:45

Module 5 - Lateral Movement

1. What About Inside.mp4

06:07

2. Demo - Remotely Desktopping.mp4

06:12

3. Recover.mp4

02:32

4. Demo - Secure Shelling.mp4

01:41

Module 6 - Actions on Objective

1. Whats the Motivation.mp4

02:06

2. Interview Time.mp4

02:05

3. Demo - Hunting Exfil.mp4

04:34

4. Dragon Tamer.mp4

02:03

Description

Being responsible to go find the anomalies within an environment can be a daunting task. This course will teach you how to hunt through network traffic to find malicious behavior.

What You'll Learn?

Finding anomalies or malicious artifacts without the help of alerts or defensive mechanisms can be very challenging. In this course, Threat Hunting: Network Hunting, you’ll learn to hunt for specific APT techniques found in network data. First, you’ll explore the data sets and importance of centralized network collection. Next, you’ll discover how to search for phishing and C2 artifacts. Finally, you’ll learn how to detect behaviors related to lateral movement and any objectives the adversary is attempting to accomplish. When you’re finished with this course, you’ll have the skills and knowledge of network hunting needed to provide the proactive approach to security analytics.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Security

Network Engineering

Network Monitoring

Brandon DeVault

Instructor's Courses

Brandon DeVault is an Sr. Security Author focusing on general blue team operations, incident response, and threat hunting at Pluralsight. He is also a member of the Florida Air National Guard and works as a threat hunter on a Mission Defense Team (MDT) defending North America’s air tracks. Prior to joining Pluralsight, Brandon worked with Elastic as an Education Architect creating and delivering security content. He also worked with Special Operations Command where he had two deployments to Afghanistan on deployable communications teams. His experience spans satellite communications, radio technologies, system and network administration. Brandon is also passionate about hardware hacking, soldering, hiking, and currently holds the GCIA, GCED, and Security+ certifications.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.