It is commonly considered that threat hunting is a more advanced skill utilized only by companies with more mature cybersecurity programs. To a certain extent, that is accurate. SMBs may have some simple firewalls in place, EDR on their systems, decent password policies and 2-Factor authentication, and that’s it! But every organization of every size and every vertical can benefit from looking for clues of attacks that may have already happened, and you just don’t know it! And you can start simply by doing a little bit of Windows Log Analysis.
Yes… we can learn the basics of threat hunting while simultaneously shoring up the defenses of any group, team or organization using simple tools built into Windows and an amazing open source tool called Chainsaw. And don’t worry. We provide not only the logs containing clues of incidents but also a Windows Virtual Machine hosted in the cloud for you to play and learn in a safe environment.
Price = $45 (25% Off) $60 w/ Code BlackFriday25
What do I get?
Students get their own web-based Windows VM to get hands-on experience with the tools and techniques taught in the course. You will also be provided with numerous log samples to investigate. Step-by-step instructions are provided, so you’re never lost!
Windows Log Analysis covers:
This course teaches you the basics of threat hunting without having to spend untold amounts of money on loads of hardware and software, or having a mature enterprise in place with your own SOC, SIEM and Incident Response team before Threat Hunting even comes into the picture! Not even sure what any of those are? Don’t worry. In the next Lesson, we’ll start by defining each of them in the order a typical mature org might implement them. The reason behind this is to show you that there ARE ways to skip a few of those steps and do some rudimentary threat hunting without the extensive security infrastructure that normally is in place beforehand. And your small group will be all the better for it!
0️⃣ Course Introduction
1️⃣ SIEMless Threat Hunting
2️⃣ Initial Access Payloads (5 Example Cases and 4 Labs)
3️⃣ Anomaly Detection (3 Example Cases and 2 Labs)
4️⃣ Wrap Up
Prerequisites for Windows Log Analysis
No prior knowledge is assumed although basic familiarity with Windows Admin Tools, the command line and virtual machines (VMs) are recommended.
