Computer Security Fundamentals 5e
COMP-SEC-FUNDA.AB1
Computer Security Fundamentals 5e
ISBN: 9781644594162COMP-SEC-FUNDA.AB1
Threat Hunting For Cloud Security Professionals
Learn to use advanced threat-hunting techniques for cloud environments such as AWS, Azure, and other cloud platforms.
(CYATTK-CLOUD.AE1) / ISBN : 978-1-64459-379-0This course includes
Interactive Lessons
Gamified TestPrep
Hands-On Labs
AI Tutor (Add-on)
179
Reviews
About This Course
Our cloud threat hunting course introduces the best practices for cloud threat hunting. You’ll learn how to detect and stop those sneaking cybercriminals from attacking your AWS, Azure, and other cloud native infrastructure. From understanding the MITRE ATT&CK framework to mastering the ins and outs of cloud security posture management (CSPM), we’ve got you covered. With practical experience, you’ll become a cybersecurity threat hunting expert!
Skills You’ll Get
- Identify and mitigate advanced threats targeting cloud-based infrastructures
- Employ the latest security tools to detect and respond to cyberattacks
- Master threat hunting and incident response
- Understand the MITRE ATT&CK framework and its application to cloud security
- Analyze threat intelligence to identify emerging threats
- Utilize cloud security tools and technologies effectively
- Implement cloud security configuration and management best practices
- Develop a threat hunting program tailored to your organization’s needs
- Coordinate with your security teams to improve the cybersecurity posture
Interactive Lessons
17+ Interactive Lessons | 151+ Exercises | 88+ Quizzes | 82+ Flashcards | 82+ Glossary of terms
Gamified TestPrep
50+ Pre Assessment Questions | 50+ Post Assessment Questions |
Hands-On Labs
15+ LiveLab | 15+ Video tutorials | 43+ Minutes
1
Introduction
- What Does This Course Cover?
- Additional Resources
2
Introduction to Threat Hunting
- The Rise of Cybercrime
- What Is Threat Hunting?
- The Key Cyberthreats and Threat Actors
- The Necessity of Threat Hunting
- Threat Modeling
- Threat-Hunting Maturity Model
- Human Elements of Threat Hunting
- Summary
3
Modern Approach to Multi-Cloud Threat Hunting
- Multi-Cloud Threat Hunting
- Building Blocks for the Security Operations Center
- Cyberthreat Detection, Threat Modeling, and the Need for Proactive Threat Hunting Within SOC
- Cyber Resiliency and Organizational Culture
- Skillsets Required for Threat Hunting
- Threat-Hunting Process and Procedures
- Metrics for Assessing the Effectiveness of Threat Hunting
- Threat-Hunting Program Effectiveness
- Summary
4
Exploration of MITRE Key Attack Vectors
- Understanding MITRE ATT&CK
- Threat Hunting Using Five Common Tactics
- Other Methodologies and Key Threat-Hunting Tools to Combat Attack Vectors
- Analysis Tools
- Summary
5
Microsoft Azure Cloud Threat Prevention Framework
- Introduction to Microsoft Security
- Understanding the Shared Responsibility Model
- Microsoft Services for Cloud Security Posture Management and Logging/Monitoring
- Using Microsoft Secure and Protect Features
- Microsoft Detect Services
- Detecting “Privilege Escalation” TTPs
- Detecting Credential Access
- Detecting Lateral Movement
- Detecting Command and Control
- Detecting Data Exfiltration
- Microsoft Investigate, Response, and Recover Features
- Using Machine Learning and Artificial Intelligence in Threat Response
- Summary
6
Microsoft Cybersecurity Reference Architecture and Capability Map
- Introduction
- Microsoft Security Architecture versus the NIST Cybersecurity Framework (CSF)
- Microsoft Security Architecture
- Using the Microsoft Reference Architecture
- Understanding the Security Operations Solutions
- Understanding the People Security Solutions
- Summary
7
AWS Cloud Threat Prevention Framework
- Introduction to AWS Well-Architected Framework
- AWS Services for Monitoring, Logging, and Alerting
- AWS Protect Features
- AWS Detection Features
- How Do You Detect Privilege Escalation?
- How Do You Detect Credential Access?
- How Do You Detect Lateral Movement?
- How Do You Detect Command and Control?
- How Do You Detect Data Exfiltration?
- How Do You Handle Response and Recover?
- Summary
- References
8
AWS Reference Architecture
- AWS Security Framework Overview
- AWS Reference Architecture
- Summary
9
Threat Hunting in Other Cloud Providers
- The Google Cloud Platform
- The IBM Cloud
- Oracle Cloud Infrastructure Security
- The Alibaba Cloud
- Summary
- References
10
The Future of Threat Hunting
- Artificial Intelligence and Machine Learning
- Advances in Quantum Computing
- Advances in IoT and Their Impact
- Operational Technology (OT)
- Blockchain
- Threat Hunting as a Service
- The Evolution of the Threat-Hunting Tool
- Potential Regulatory Guidance
- Summary
- References
11
APPENDIX A: MITRE ATT&CK Tactics
12
APPENDIX B: Privilege Escalation
13
APPENDIX C: Credential Access
14
APPENDIX D: Lateral Movement
15
APPENDIX E: Command and Control
16
APPENDIX F: Data Exfiltration
17
APPENDIX G: MITRE Cloud Matrix
- Initial Access
- Persistence
- Privilege Escalation
- Defense Evasion
- Credential Access
- Discovery
- Lateral Movement
- Collection
- Data Exfiltration
- Impact
1
Introduction to Threat Hunting
- Performing a Phishing Attack
2
Exploration of MITRE Key Attack Vectors
- Performing Local Privilege Escalation
- Enabling and Disabling GuardDuty
- Creating a CloudWatch Dashboard
3
Microsoft Azure Cloud Threat Prevention Framework
- Creating a Service Bus
- Deploying an Azure Firewall
- Creating an Azure Front Door
4
AWS Cloud Threat Prevention Framework
- Creating VPC Flow Logs
- Creating CloudTrail
- Examining Macie
- Creating a Rule in Amazon EventBridge
- Creating a Lambda Function
- Creating an Amazon SNS Topic
5
AWS Reference Architecture
- Creating a VPC
6
Threat Hunting in Other Cloud Providers
- Creating a VPC Network
Any questions?Check out the FAQs
Still have questions about our threat hunting in the cloud course? Check out our FAQs.
Contact Us NowThreat hunting is a proactive cybersecurity approach that searches for and identifies potential threats and vulnerabilities within a network. It is the opposite of incident response which is a reactive security approach.
The purpose of this cloud threat-hunting training is to train you and develop the skills required to identify, investigate, and mitigate advanced threats targeting cloud-based infrastructures.
Cloud environments pose unique security challenges due to their dynamic nature and the risk of misconfigurations. Threat hunting helps organizations to detect and mitigate threats before they can cause significant damage.
While both involve responding to security threats, threat hunting is proactive, focusing on identifying potential threats before they cause harm, while incident response is reactive, addressing threats after they have occurred.
Commonly used techniques for security professionals include log analysis, network traffic analysis, anomaly detection, and hunting for indicators of compromise (IOCs).
Some important tools that every cybersecurity professional needs to know include security information and event management (SIEM) systems, cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and threat intelligence platforms.
Cloud threat hunting targets threats specific to cloud environments like Azure or AWS. It takes into account factors like dynamic infrastructure, API usage, and shared responsibilities.
The job roles that will benefit from this course are:
- Cloud Security Engineers
- Security Analysts
- Incident Responders
- Security Architects
- DevOps Engineers
- IT Managers
Related Courses
All Course
Cybersec First Responder (CFR-410)
CFR-410.AK1
Cybersec First Responder (CFR-410)
ISBN: 9781644594179CFR-410.AK1
Certified Information Systems Auditor (CISA)
CISA.AA1
Certified Information Systems Auditor (CISA)
ISBN: 9781644594421CISA.AA1
Cisco CyberOps Associate CBROPS (200-201)
200-201.AP2
Cisco CyberOps Associate CBROPS (200-201)
ISBN: 9781644594650200-201.AP2
Certified Ethical Hacker (CEH v12)
CEH-v12.AE1
Certified Ethical Hacker (CEH v12)
ISBN: 9781644599815CEH-v12.AE1
Certified Secure Software Lifecycle Professional (CSSLP)
CSSLP.AO2
Certified Secure Software Lifecycle Professional (CSSLP)
ISBN: 9781644594544CSSLP.AO2
Cybersecurity Risk Management-NIST Framework
CYBERSEC-NIST.AE1
Cybersecurity Risk Management-NIST Framework
ISBN: 9781644594643CYBERSEC-NIST.AE1
Digital Forensics and Incident Response
DIG-FORNSC-IR.AJ1
Digital Forensics and Incident Response
ISBN: 9781644594711DIG-FORNSC-IR.AJ1
Artificial Intelligence for Cybersecurity
AI-CYBSEC.AJ1
Artificial Intelligence for Cybersecurity
ISBN: 9781644594834AI-CYBSEC.AJ1