Master the essentials of threat hunting: Protect your network

OffSec Learning Path: Threat Hunting Foundations

In today's complex threat landscape, reactive security is no longer enough. This hands-on Learning Path will equip you with the essential skills to proactively hunt down and neutralize adversaries. Learn to:

Deep dive into the tactics, techniques, and procedures (TTPs) of ransomware groups, APTs, and other threat actors
Conduct meticulous network and endpoint forensic analysis to uncover hidden threats
Develop custom hunting strategies that go beyond relying on traditional Indicators of Compromise (IoCs)

Get Started

Hero image for Master the essentials of threat hunting: Protect your network

Track down elusive attacks

This Learning Path will equip you with the fundamental skills needed to protect your organization's critical assets. You'll learn to identify and investigate threats, uncover potential attack techniques, and proactively improve your security posture by addressing vulnerabilities.

Who is this Learning Path for?

Aspiring threat hunters seeking foundational skills
Security analysts looking to advance their threat detection capabilities
SOC team members aiming to master proactive threat identification

Learning objectives

Dissect the goals, techniques, and tools of common threat actors, including ransomware groups and APTs
Analyze network traffic and endpoint data to pinpoint malicious activity
Understand methodologies, investigative processes, and the threat hunting mindset
Master communication and reporting skills for efficient threat intelligence sharing

Key modules in the Threat Hunting Foundations Learning Path

Threat Hunting Concepts and Practices

This modules provides an overview of the basic objectives, concepts and practices of threat hunting. It covers how enterprises implement threat hunting and the different stages and types of threat hunts.

Threat Actor Landscape Overview

This module provides an overview of different types of threat actors with an emphasis on ransomware actors and Advanced Persistent Threats (APTs). It includes a number of more in-depth discussions of well-known threat actors.

Communication and Reporting for Threat Hunters

This module introduces the way in which threat hunters receive and use trheat intelligence, and create threat reports. It covers the concept of the Traffic Light Protocol but does not cover IoCs.

Hunting With Network Data

This module explores using Network Indicators of Compromise (IoCs) for proactive threat hunting. It highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities. Practical methods to identify signs of compromise in networks are covered, followed by hands-on exercises to develop threat detection skills.

Hunting on Endpoints

This module provides an introduction to threat hunting utilizing Endpoint IoCs. It covers intelligence-based and hypothesis-based threat hunting as well as considerations that improve the effectiveness of a hunt.

View full syllabus

Threat Hunting Foundations overview

modules

40+

hours of content (approx.)

11+

skills

Earning an OffSec Learning Badge

Showcase your growing Threat Hunting expertise! Upon completing 80% of the Threat Hunting Foundations Learning Path, you'll receive an exclusive OffSec badge signifying:

Threat hunting proficiency: Demonstrate your fundamental knowledge and practical skills
Industry recognition: Add a powerful OffSec credential to your skillset
Real-world readiness: Prove your ability to defend against threats