The Marriage of Threat Intelligence and Incident Response or Threat Hunting for the Rest of Us
via YouTube
Overview
This course covers the marriage of threat intelligence and incident response, as well as threat hunting. The learning outcomes include understanding the differences between threat intelligence and threat hunting, learning about traditional incident response models, and exploring threat hunting techniques such as the Pyramid of Pain and file hashes. The course teaches skills like detection, analysis, containment, eradication, and post-incident preparation. The teaching method involves video lectures from BSides Cleveland 2018. The intended audience for this course includes cybersecurity professionals, incident responders, threat hunters, and anyone interested in enhancing their knowledge of cybersecurity practices.
Syllabus
Introduction
Threat Intelligence vs Threat Hunting
Threat Hunting Incident Response
Traditional Incident Response Model
Detection
Analysis
OTX
What Should We Do
Stop the Bleeding Containment
Threat Hunting
Pyramid of Pain
File hashes
Full disclosure
What is Threat Hunting
Eradication
Host Isolation
Post Incident
Preparation
Conclusion