Introduction to Company’s Standard Operating Procedures
Map Threat Hunter Role to Company's Security Framework
Develop Understanding of Company's IT infrastructure
Understanding legal guidelines for threat hunting
Access to Network Analysis Tools
Approval: Access to Advanced Security Tools
Introduction to Company's Cybersecurity Culture
Hands-on training on Advanced Persistent Threats (APTs)
Understanding Company's Incident Management System
Setting KPIs for the role
Provide Cybersecurity and Threat Hunting Overview
In this task, you will gain a comprehensive understanding of cybersecurity and threat hunting. You will learn about the importance of threat hunting in identifying and mitigating potential security risks. This knowledge will enable you to effectively contribute to the company's overall security posture. What are the key benefits of threat hunting? How does it complement other cybersecurity measures? What are some challenges faced? Discuss your thoughts on integrating threat hunting into the organization's security strategy.
1. Webinars
2. Online Tutorials
3. In-person Training Sessions
4. Documentaries
5. Podcasts
Introduce team and key stakeholders
In this task, you will be introduced to the team members and key stakeholders. Building relationships and understanding different roles are crucial for collaboration and achieving common goals. Who are the key stakeholders involved in threat hunting? What are their roles and responsibilities? What challenges or conflicts may arise in working with different teams? How can you effectively communicate and collaborate with stakeholders from various departments?
Allocate Workspace
In this task, you will be assigned a dedicated workspace for threat hunting activities. A well-equipped workspace helps ensure efficiency and focus while carrying out your responsibilities. Describe your ideal workspace for threat hunting. What tools or equipment do you require? How would you organize your workspace to optimize productivity?
Setting up Security Tools
In this task, you will set up the necessary security tools for threat hunting. These tools are essential for monitoring and detecting potential threats within the organization's network and systems. What are some commonly used security tools for threat hunting? Share your experience with any specific tools you have used in the past. How do these tools contribute to the effectiveness of threat hunting?
1. Security Information and Event Management (SIEM) software
2. Endpoint Detection and Response (EDR) solutions
3. Network Traffic Analysis (NTA) tools
4. Vulnerability Scanners
5. Intrusion Detection Systems (IDS)
Provide access to Threat Intelligence Platforms
In this task, you will be granted access to threat intelligence platforms. These platforms provide valuable insights and information on emerging threats, hacker techniques, and indicators of compromise (IoCs). Access to such platforms enhances your ability to proactively identify and respond to potential security incidents. What are some popular threat intelligence platforms? How can you leverage threat intelligence to enhance threat hunting activities?
1. Recorded Future
2. FireEye Threat Intelligence
3. Anomali ThreatStream
4. IBM X-Force Exchange
5. CrowdStrike Intelligence
Approval: Access to Sensitive Data
Will be submitted for approval:
Provide Cybersecurity and Threat Hunting Overview
Introduce team and key stakeholders
Allocate Workspace
Setting up Security Tools
Provide access to Threat Intelligence Platforms
Train in Company's Incident Response Protocol
In this task, you will be trained in the company's incident response protocol. Incident response is a critical component of threat hunting, as it ensures timely and effective response to security incidents. Familiarize yourself with the company's incident response protocol. What are the key steps involved in the protocol? What role does threat hunting play in the incident response process? How can you contribute to incident triage and investigation?
1. Identification
2. Containment
3. Eradication
4. Recovery
5. Lessons Learned
Mentor Allocation for Hands-On Training
In this task, you will be assigned a mentor who will provide hands-on training and guidance during the onboarding process. Mentors play a crucial role in helping you develop practical skills and knowledge in threat hunting. Describe your expectations for a mentor. What specific areas or topics would you like to learn from your mentor? How can you effectively communicate and collaborate with your mentor?
Submission of first Threat Hunting Report
In this task, you will prepare and submit your first threat hunting report. This report will showcase your ability to analyze and interpret security event data, identify potential threats, and recommend appropriate countermeasures. Reflect on your experience and observations during the threat hunting process. What threats did you discover? What were the indicators of compromise (IoCs) you identified? What actions or recommendations did you propose to mitigate these threats?
1. Patching Vulnerabilities
2. Implementing Strong Access Controls
3. Enhancing Network Segmentation
4. Improving Endpoint Security
5. Conducting Regular Security Audits
Approval: First Threat Report by Supervisor
Will be submitted for approval:
Provide Cybersecurity and Threat Hunting Overview
Introduce team and key stakeholders
Allocate Workspace
Setting up Security Tools
Provide access to Threat Intelligence Platforms
Train in Company's Incident Response Protocol
Mentor Allocation for Hands-On Training
Submission of first Threat Hunting Report
Introduction to Company’s Standard Operating Procedures
Map Threat Hunter Role to Company's Security Framework
Develop Understanding of Company's IT infrastructure
Understanding legal guidelines for threat hunting
Access to Network Analysis Tools
Approval: Access to Advanced Security Tools
Will be submitted for approval:
Provide Cybersecurity and Threat Hunting Overview
Introduce team and key stakeholders
Allocate Workspace
Setting up Security Tools
Provide access to Threat Intelligence Platforms
Train in Company's Incident Response Protocol
Mentor Allocation for Hands-On Training
Submission of first Threat Hunting Report
Introduction to Company’s Standard Operating Procedures
Map Threat Hunter Role to Company's Security Framework
Develop Understanding of Company's IT infrastructure
Understanding legal guidelines for threat hunting
Access to Network Analysis Tools
Introduction to Company's Cybersecurity Culture
Hands-on training on Advanced Persistent Threats (APTs)
Understanding Company's Incident Management System