TH-200: The practical approach to threat hunting from an organization that employers trust
TH-200: Threat Hunting for comprehensive cybersecurity expertise
INE’s Threat Hunting Professional course provides solid theoretical knowledge, but today’s cybersecurity roles demand practical, real-world skills. To excel, you need more than just an understanding of tools—you need hands-on experience with real-world threats and the ability to apply defensive techniques across any environment.
That’s where TH-200 from OffSec comes in. Developed by the creators of the OSCP certification, TH-200 goes beyond theory, equipping you with practical, tool-agnostic threat hunting skills that employers require.
The OffSec Difference
In-depth threat actor analysis
TH-200 provides detailed insights into ransomware groups and Advanced Persistent Threats (APTs), enabling you to anticipate and counter real-world adversaries effectively.
Stay ahead of emerging threats
By understanding the tactics and techniques of actual threat actors, TH-200 equips you to recognize and respond to evolving cyber threats before they impact your organization.
Tool-agnostic methodologies
OffSec develops adaptable threat hunting skills that transcend specific tools, ensuring you remain effective regardless of the technologies your organization employs.
TH-200 versus INE’s eCTHPv2
Criterion | TH-200 $1,649 | eCTHPv2 $1,199* |
---|---|---|
Threat hunting coverage | Comprehensive | Moderate |
Real-world scenarios | Extensive | Moderate |
Hands-on labs | Extensive | Moderate |
Tool coverage | Tool-agnostic | Focus on specific tools |
Industry recognition | High | Moderate |
Certification difficulty | High | Moderate |
Exam format | Performance-based | Performance-based |
Course hours | 41 | 21 |
*As of July 1, 2024
TH-200: Foundational Threat Hunting
Hands-on training
OffSec provides practical, hands-on labs designed to reinforce key concepts and prepare you for real-world threat hunting. You’ll gain the skills to handle live scenarios confidently.
Trusted teaching methodology
OffSec is widely recognized as the industry standard for cybersecurity training. Hundreds of organizations rely on OffSec’s rigorous curriculum and hands-on labs to ensure workforce readiness.
Workforce readiness
Prepare for real-world challenges with OffSec’s emphasis on critical thinking and problem-solving. Develop the mindset needed to adapt to evolving cyber threats and stay ahead in your career.
Topics covered in the Foundational Threat Hunting Course (TH-200)
- Threat Hunting Concepts and Practices
  This module provides an overview of the basic objectives, concepts and practices of cyber threat hunting. It covers how enterprises implement threat hunting and the different stages and types of threat hunts.
- Threat Actor Landscape Overview
  This module provides an overview of different types of threat actors with an emphasis on ransomware actors and Advanced Persistent Threats (APTs). It includes a number of more in-depth discussions of well-known threat actors.
- Communication and Reporting for Threat Hunters
  This module introduces the way in which threat hunters receive and use threat intelligence, and create threat reports. It covers the concept of the Traffic Light Protocol but does not cover IoCs.
- Hunting with Network Data
  This module explores using Network Indicators of Compromise (IoCs) for proactive threat hunting. It highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities. Practical methods to identify signs of compromise in networks are covered, followed by hands-on exercises to develop threat detection skills.
- Hunting on Endpoints
  This module provides an introduction to cyber threat hunting utilizing Endpoint IoCs. It covers intelligence-based and hypothesis-based threat hunting as well as considerations that improve the effectiveness of a hunt.
- Threat Hunting without IoCs
  This module teaches threat hunting techniques that don’t rely on known IoCs. It covers custom threat hunting, focusing on behavioral analysis and data correlation to detect advanced threats. Tools like CrowdStrike Falcon are used to apply these methods in practical scenarios.
*Course duration with associated exam: 41 hours
Start learning with OffSec
Course + Cert Exam Bundle
$1,649/once
The bundle includes 90 days of access to a single course, the associated labs and a single exam attempt.
Learn One
$2,599/year*
$2,079/year*
One year of lab access alongside a single course plus two exam attempts.
Learn Unlimited
$5,799/year*
Unlimited OffSec Learning Library access plus unlimited exam attempts for one year.
Learn Enterprise
Get a quote
Flexible terms and volume discounts available.