Paul Shattuck & Abe Abernethy - Threat Hunting with Graylog
Price: $1,800 (early registration: $1,450)
Name of training: Threat Hunting with Graylog
Trainer information:
Paul Shattuck, Abe Abernethy
Trainer(s) bio:
Two awesome instructors make up our team:
Paul is an instructional designer with a background in QA and training for tech companies around Seattle, including Microsoft and Steam.
He's joined by Abe who, after getting into trouble for hacking in his youth, became interested in other dangerous and exciting activities like enlisting in the Canadian Military and becoming an elite cybersecurity ninja.
Trainer(s) social media links:
@Graylog2
linkedin.com/in/reallybigabe
linkedin.com/in/pshattuck/
Previous trainings:
Graylog GO September 2022
Graylog Engineering Week December 2022
https://events.hubilo.com/graylog-go-2022/register?agendaDate=2022-09-13
Class description:
Our Threat Hunting workshop gives participants an overview of the Graylog log management and SIEM product with an emphasis on Data Discovery. We also introduce a few resources they can take advantage of and how to use them in our secure lab environment. There, participants will simulate attacks and learn how to best identify vulnerabilities in order to defend themselves from known attack methodologies.
Class Outline:
In our Threat Hunting workshop we give participants an overview of the product with an emphasis on Data Discovery, and how that can be leveraged to detect a variety of threat indicators. With hands-on labs you'll learn how to actively compare what's authorized to happen with what is actually happening.
Once you have the basics down, you'll be given an opportunity to test your new threat hunting superpowers against a variety of simulated attacks in a controlled lab environment utilizing Atomic Red Team and the MITRE ATT&CK Framework, ultimately pitting your new skills against the known attack methodologies of a real APT group.
Participants will leave knowing how to use these tools to test the security of their own environment and to determine how best to respond to any vulnerabilities they find.
Technical difficulty of the class:
Beginner/Intermediate.
Suggested prerequisites for the class:
This course assumes no prior knowledge of Graylog, open source software, or Linux; however, familiarity with most of the terms will be an advantage.
Items students will need to provide:
Lab materials are hosted in a virtual environment. Students will only need a moderately decent laptop with Wi-Fi capability.
DEF CON Communications, Inc.
1100 Bellevue way NE
8A-85
Bellevue, WA 98004