Threat Hunting

This course will examine different types of logs and alerts to identify issues and threats. Students will become familiar with policies, procedures, event correlation and continuous monitoring programs to help identify incidents. Network traffic will be monitored for anomalies. Tools used may include: Security Onion, SIEM OSSEC, ELK, OSSIM, solar wins, Prelude, splunk. PREREQUISITE: 10150102 Information Security and COREQUISITE: 10151104 Intrusion Detection and Prevention.