  1. Senior Member
    Join Date
    May 2017
    Posts
    124
    #1

    elearn Threat Hunting

    Hi All,

    Does anyone know about Threat Hunting Pro by elearn?

  3. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,845

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #2
    Looks like they haven't launched as of yet. But I would suspect it will very much be like the SANS 511 course.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python

  4. Junior Member
    Join Date
    Feb 2016
    Posts
    27

    Certifications
    eMAPT, CEH, MCP, Qualys Certified Specialist
    #3
    Too soon after the PTX. I would jump on this but the time limited labs mean that I would not have enough time to finish it.

  5. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,845

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #4
    For the person who gave me negative rep for stating that the course would appear to be like the SEC511 course I have a number of points. First, grow up. The comparison was not one in respect to the quality of offerings from either, merely speaking to what it might possibly relate to. Second, have some courage and list who you are after giving rep (as I do after every rep positive or negative I give). Third, my suggestion would be for you to delete your account (as you so tactfully told me to do) as you are most likely not a valued member of this community.

  6. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    220
    #5
    the_grinch - it's probably one of their marketing staff with a fake ID here. I won't be surprised if I get one too lol.

  7. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,582

    Certifications
    SpecterOps: Powershell Adversary Tactics, SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #6
    Quote Originally Posted by the_Grinch View Post
    For the person who gave me negative rep for stating that the course would appear to be like the SEC511 course I have a number of points. First, grow up. The comparison was not one in respect to the quality of offerings from either, merely speaking to what it might possibly relate to. Second, have some courage and list who you are after giving rep (as I do after every rep positive or negative I give). Third, my suggestion would be for you to delete your account (as you so tactfully told me to do) as you are most likely not a valued member of this community.
    Dude, I got a bad rep for my 2016 goals lol, like seriously I had no idea my certification goals had that effect on people lol

    You are right, that type of stuff brings no value to our community.
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), SpecterOps: PowerShell Adversary Tactics (completed), eCPPT (2nd attempt), LFCS (4th attempt ), OSCP (Ah next year...)

  8. Senior Member
    Join Date
    May 2017
    Posts
    124
    #7
    so it's more likely SOC operations / monitoring?

  9. Senior Member
    Join Date
    Jul 2015
    Posts
    455
    #8
    Quote Originally Posted by vynx View Post
    so it's more likely SOC operations / monitoring?
    It's more likely to deal with threat hunting

  10. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,845

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #9
    Ender is correct, it appears they are targeting threat hunting specifically. You'll most likely use data from your monitoring tools in order to hunt so I suspect you'll see the use of monitoring tools.

  11. Junior Member
    Join Date
    Jun 2016
    Posts
    21
    #10
    Quote Originally Posted by ottucsak View Post
    Too soon after the PTX. I would jump on this but the time limited labs mean that I would not have enough time to finish it.
    From the name as well as the visuals, this seems blue-team focused. PTX is very red-team focused. While most organizations in practice have some overlap between those areas, it's fair to say the two courses have different target audiences. It's not yet another addition to their linear penetration testing lineup (PTS/PTP/PTX).

  12. Senior Member
    Join Date
    May 2017
    Posts
    124
    #11
    From the eLS blog:
    "Nobody wants to have their security teams merely reacting to a threat or attack—if you can spot an attack happening, it’s probably too late. Blue teamers have to seek out enemies around the perimeter in order to secure their positions. With THP, security professionals will be instilled with a ‘hunter mindset,’ and be taught the skills to proactively hunt threats in the network or endpoint. Based on the latest attacker TTPs, and using Threat Intelligence and IOCs, the course will help defenders keep their organizations several steps ahead of potential adversaries."

    So it's more of a blue team course, I guess ...

  13. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,846

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #12
    Threat hunting IS a blue team endeavor. For those unfamiliar with the concept head here for a quick read: https://sqrrl.com/media/Framework-fo...Whitepaper.pdf

  14. Senior Member
    Join Date
    May 2017
    Posts
    124
    #13
    Quote Originally Posted by cyberguypr View Post
    Threat hunting IS a blue team endeavor. For those unfamiliar with the concept head here for a quick read: https://sqrrl.com/media/Framework-fo...Whitepaper.pdf
    Any other whitepaper maybe? One that's vendor neutral ...

  15. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,582

    Certifications
    SpecterOps: Powershell Adversary Tactics, SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #14
    I honestly think this is a good move for elearnsecurity. Introducing blue team and red team focused courses targets the needs of many companies.

  16. Junior Member
    Join Date
    Apr 2016
    Posts
    12
    #15
    Quote Originally Posted by joneno View Post
    the_grinch - it's probably one of their marketing staff with a fake ID here. I won't be surprised if I get one too lol.

    Jens here from eLS - No we didn't
    You should know by now that we are happy about all honest and real comments and suggestions from you guys, whatever direction they go
    THP will be revealed soon enough btw, only 1 week to go...

  17. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,845

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #16
    Quote Originally Posted by JensBada View Post
    Jens here from eLS - No we didn't
    You should know by now that we are happy about all honest and real comments and suggestions from you guys, whatever direction they go
    THP will be revealed soon enough btw, only 1 week to go...
    Pretty sure he was referring to the other company and not yours

  18. Junior Member
    Join Date
    Apr 2016
    Posts
    12
    #17
    Quote Originally Posted by the_Grinch View Post
    Pretty sure he was referring to the other company and not yours
    Makes sense - Glad that was cleared up

  19. Senior Member
    Join Date
    May 2017
    Posts
    124
    #18
    Did anyone join the webinar? Any recommendation for this course?

  20. Junior Member
    Join Date
    Mar 2016
    Posts
    23

    Certifications
    GCIA, eJPT, eMAPT, ePWD Degrees: B.S. Computer Engineering UCSD
    #19

    On the Fence

    Wanted to really like this course since this is a super relevant skill and involves my day to day work (logging pipeline/threat hunting). But unfortunately I've already dug into some of these topics that concern threat hunting at scale such as Windows Events, ELK, sysmon, looking for PTH etc. But I'm afraid it probably only covers these topics at a surface level which would not help me that much. The course also looks really short, only 3 sections with one section full intro on things such as what is incident response, threat hunting, IOC, STIX. Basically introduction into what could be several courses (Threat Intelligence, Incident Response/Forensics, SIEM, Threat-hunting). Therefore it only covers surface level of these topics (like using redline). If it had just focused on threat-hunting and specific use cases I think it would have warranted the purchase. Only conceivable way would be 4 in a box promotion if I could get it covered in next year's training budget. On its own I can't justify taking this course...

  21. Junior Member
    Join Date
    Mar 2016
    Posts
    23

    Certifications
    GCIA, eJPT, eMAPT, ePWD Degrees: B.S. Computer Engineering UCSD
    #20
    Here's a good resource to understand the Windows Event/SYSMON -> ELK stuff https://www.root9b.com/sites/default...tepaper_01.pdf

    There are plenty of papers and posts on detecting the stuff listed in section 3.4. Section 2 is a bit vague but most everything else you can find.

  22. Senior Member
    Join Date
    May 2017
    Posts
    124
    #21
    Will you take PTX also?
    Quote Originally Posted by monkykap View Post
    Wanted to really like this course since this is a super relevant skill and involves my day to day work (logging pipeline/threat hunting). But unfortunately I've already dug into some of these topics that concern threat hunting at scale such as Windows Events, ELK, sysmon, looking for PTH etc. But I'm afraid it probably only covers these topics at a surface level which would not help me that much. The course also looks really short, only 3 sections with one section full intro on things such as what is incident response, threat hunting, IOC, STIX. Basically introduction into what could be several courses (Threat Intelligence, Incident Response/Forensics, SIEM, Threat-hunting). Therefore it only covers surface level of these topics (like using redline). If it had just focused on threat-hunting and specific use cases I think it would have warranted the purchase. Only conceivable way would be 4 in a box promotion if I could get it covered in next year's training budget. On its own I can't justify taking this course...

  23. Junior Member
    Join Date
    Mar 2016
    Posts
    23

    Certifications
    GCIA, eJPT, eMAPT, ePWD Degrees: B.S. Computer Engineering UCSD
    #22
    I have not taken either... this is just my opinion based on the syllabus and demo. While PTX sounds fun, no real value to me occupationally. The threat hunting course could provide some value to my daily work and goals so I am on the fence on taking it.

  24. Senior Member
    Join Date
    Dec 2010
    Posts
    371

    Certifications
    VCA5-DCV, CEH, ECSA, CHFI, ITILv3, CND
    #23
    To be back at this thread.
