Threat Hunter Course

Master proactive threat hunting techniques to identify and neutralize advanced persistent threats before they can cause damage
Format: Online
Duration: 3 days
Level: Medium
Language: English, Arabic

Target participants

Technical specialist with cybersecurity experience

Understand the role and value of threat hunting by identifying relevant logging sources and enriching data to support structured, repeatable analysis.

Information security expert

Apply the scientific method to hypothesis-driven discovery by interpreting open-source threat data and extracting actionable intelligence for deeper investigations.

Threat hunters

Recognize attacker behavior in complex, multi-host environments and create, test, and refine hunting hypotheses based on real-life data while contributing to hunting methodology and capacity development.

Course modules

Threat hunting fundamentals
  • The role of threat hunting in the security ecosystem
  • Application of the scientific method and hypothesis testing
  • Interpretation of open-source threat data
  • Identification of logging sources for data enrichment and analysis
Malware analysis and digital forensics for threat hunting
  • Malware analysis for threat hunting
  • Sandboxing and malware detonation techniques
  • Essential digital forensics methods
  • Introduction and applications in threat hunting
  • Analyzing events using Sysmon
Hypothesis creation and testing
  • Formulating and verifying hypotheses
  • Using telemetry to test hypotheses
  • Continuation of threat hunting process
Advanced concepts
  • Understanding attacker behavior in complex, multi-host environments
  • In-depth exploration of threat detection
  • Threat hunting capacity development
Course certificate
At the end of the course, you will receive a personal certificate confirming your expertise and strengthening your professional credibility.
Trainers
Svetlana Ostrovskaya
Head of Education Practice

With a background in incident response and digital forensics, Svetlana has designed many DFIR training programs and crisis management masterclasses. She has also co-authored articles and books on cybersecurity, such as Practical Memory Forensics, Incident Response for Windows, and the e-guide Human-Centric Assessments. She has trained specialists in more than 30 countries and spoken at leading conferences worldwide, from FS-ISAC Japan to GITEX UAE.

Ahmed Nosir
Cybersecurity Consultant

Ahmed has worked in the Security Operations Center for the last three years, moving from penetration testing to Digital Forensics and Incident Response, and regularly takes part in complex incident response operations.

Ahmed has conducted numerous training sessions, shaping a new generation of cybersecurity professionals. His expertise does not stop at identifying digital threats but extends to fostering a culture of continuous learning and curiosity among aspiring cyber experts.

Why choose Group-IB training
  • 50+ countries where we deliver training programs
  • 6,000+ students have taken part in our training courses
  • 15+ expert trainers with hands-on experience
  • Multi-disciplinary expertise in fraud prevention, investigations, DFIR, consulting, and red teaming
  • 4 Group-IB products integrated into training for realistic experience
  • 90% satisfaction rate among participants

Ready to upskill your cybersecurity expertise?

Join thousands of cybersecurity professionals who have advanced their careers with Group-IB’s expert-led training.
