What you’ll learn
Upon completing the TH-200 course and successfully passing the OSTH exam, you’ll gain a strong foundation in:
Threat hunting concepts and practices
Network and endpoint security
Incident response and threat analysis
Practical skills for roles in SOC analysis, threat hunting, and IT security
OffSec at Lumify Work
Security professionals from top organisations rely on OffSec to train and certify their personnel. Lumify Work is an Official Training Partner for OffSec.
Who is the course for?
The TH-200 course is designed for individuals looking to build a strong foundation in threat hunting, including SOC analysts, IT security specialists, and those aiming to transition into specialised cybersecurity roles. It provides comprehensive training in threat hunting methodologies and practical skills.
Course subjects
Threat Hunting Concepts and Practices
An overview of the basic objectives, concepts, and practices of cyber threat hunting.
How enterprises implement threat hunting and the different stages and types of threat hunts
Threat Actor Landscape Overview
Communication and Reporting for Threat Hunters
Introduces the way in which threat hunters receive and use threat intelligence, and create threat reports
The concept of the Traffic Light Protocol (but not IoCs)
Hunting with Network Data
Explores using Network Indicators of Compromise (IoCs) for proactive threat hunting
Highlights the role of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), like Suricata, in monitoring for suspicious activities
Practical methods to identify signs of compromise in networks
Hands-on exercises to develop threat detection skills
Hunting on Endpoints
An introduction to cyber threat hunting utilising Endpoint IoCs
Intelligence-based and hypothesis-based threat hunting
Considerations that improve the effectiveness of a hunt
Threat Hunting without IoCs
Threat hunting techniques that don’t rely on known IoCs
Custom threat hunting, focusing on behavioural analysis and data correlation to detect advanced threats
Tools like CrowdStrike Falcon are used to apply these methods in practical scenarios
View the full syllabus here.
Prerequisites
While there are no formal prerequisites, it’s strongly recommended that you have:
A solid foundation in TCP/IP networking
Familiarity with Linux and Windows operating systems
Basic understanding of cybersecurity concepts
All of the above can be found in the Offsec Security Operations Essentials Learning Path, available in Learn Enterprise, Learn Unlimited, Learn One, or Learn Fundamentals.
THIRD PARTY REGISTRATION
Lumify Work offers certification and training through our partnership with OffSec. This arrangement requires Lumify Work to provide your details to OffSec for course and/or exam registration purposes.
FREE E-BOOK: Meeting the Cyber Security Challenge
What are the top challenges in cyber security? Gain insight into how organisations can address challenges through cyber security training programs that build a skilled and diverse cyber workforce.
Terms & Conditions
The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.
