Black Hat USA 2019, which is only one month away, offers scores of training courses and research briefings, so every week we’re picking a session we believe Qualys customers will find valuable. This week’s selection is the training course Adversary Tactics — Detection.
This course focuses on abnormal behaviors and attackers’ “tactics, techniques, and procedures” (TTPs). It teaches participants how to create hypotheses based on TTPs to perform threat hunting operations and detect attacker activity. Students will also learn how to use free and open source data collection and analysis tools to gather and analyze large amounts of host information to detect malicious activity.
Key takeaways from the course will include learning how to conduct effective, continuous hunt operations; run an end-to-end hunt operation; and develop metrics that measure the effectiveness of detection capabilities. Designed for defenders wanting to learn how to hunt in enterprise networks, this four-day course will be taught by experts from SpecterOps, a security firm that provides adversary-focused services.