HUNT Certification – Windows
HUNT OPERATIONS AND WINDOWS END-POINT DATA COLLECTION & ANALYSIS
The first of three courses in R9B’s HUNT Certification program is designed to train cybersecurity professionals to actively defend critical Windows systems. The course exposes students to a “Think like the Adversary” mindset in order to actively detect sophisticated and tailored adversary attacks. This course establishes the foundation upon which the R9B HUNT Certification is based, preparing cybersecurity professionals to HUNT for evidence of adversary presence within their network that was previously not detected by automated enterprise security devices and software.
Rather than just reacting to network attacks, students will learn methods to remotely interrogate systems and analyze data to proactively identify systems targeted by an adversary. Students will exercise the identification of malicious code, evidence of adversary presence, and lateral movement within a network. Throughout the program, instructors will share their experience in cybersecurity, operations, and tool development. This will provide students an appreciation of the challenges they face in countering the cyber adversary.
The HUNT [WINDOWS] course starts with a discussion of the concepts of real-time detection of adversary attacks. Students will be exposed to advanced Windows operating system concepts, with an emphasis on adversary file manipulation and persistence techniques used to bypass cybersecurity systems and infrastructure. Follow-on training courses in R9B’s HUNT (Active Adversary Pursuit) series will focus on Linux- and network-based methodologies and operations.
The HUNT Certification – Windows course begins with the concepts of real-time detection and identification of adversary attacks. Instructors expose students to advanced Windows operating system concepts, with emphasis on adversary file manipulation and persistence techniques used to bypass cybersecurity systems and infrastructure. Follow-on training courses in R9B’s HUNT series focus on Linux- and network-based methodologies and operations.
This class is intended for individuals with intermediate to advanced knowledge of information systems and systems security. Some experience with command line tools is desired but not mandatory.
Basic understanding of computers.
• Lecture slides in PDF format
• Exercise materials (e.g., files, VMs)
• Course reference material (e.g., books)
$4,600 per student