ATT&CK® Threat Hunting and Detection
Engineering Certification
Learn How to Threat Hunt
Experts from MITRE produced this course to teach students how to utilize knowledge of adversary TTPs as described in the MITRE ATT&CK framework to develop, test, tune, and employ robust analytics to detect and investigate malicious cyber activity. Learners taking this course will learn how to leverage ATT&CK to develop hypotheses, determine data collection requirements, identify and mitigate collection gaps, test and tune analytics using purple teaming, and conduct a threat-informed hunt. The ability to apply the TTP-based hunting methodology, as demonstrated by successful completion of this program, supports your dedication to securing critical networks and systems against attacks from advanced cyber adversaries.
Target Audience
Top job titles related to this credential include:
- Cybersecurity / Information Security Analyst
- (Junior/Senior) Threat Hunter
- Senior Cybersecurity Analyst
- Network Architect
- Computer and Information Systems Manager
Course Prerequisites
- Practitioners should have a solid understanding of the ATT&CK Framework
- Familiarity with Windows, Splunk or ELK, and networking fundamentals
- We highly recommend taking the ATT&CK Threat Hunting course to facilitate success
Course Goals
- Teach learners to execute a six-step TTP-based hunting methodology centered on use of the ATT&CK® Framework
- Learn to effectively identify adversarial behaviors of interest
- Easily articulate hunt-directing hypotheses that inform the development of written analytics that drive information needs and data collection requirements
