Sophos Threat Hunting Academy 2021

Attend our 2021 Threat Hunting Academy and become a certified Sophos EDR Certified Admin. In just seven live sessions, you’ll get the hands-on practical training you need to conduct an active threat hunt and learn how to stop attackers in their tracks by using our top-rated endpoint protection solution, Sophos EDR.

Attendees will get an in-depth understanding of the entire threat hunting landscape, as we take a deep dive on the varied methods cyber attackers use to penetrate the networks of an entire organization. More importantly, you’ll learn how to use Sophos EDR to help you detect these invasions before they escalate and, ultimately, eliminate the threat.

Best of all, the series culminates in a live, interactive session in which the participants guide the direction of a real-world hunt, using Sophos EDR.

Whether you are a Sophos customer that wants to hone your threat hunting skill set or a prospect interested in learning how to use Sophos EDR, these sessions are designed to give you the technical expertise so you can be comfortable with human-led threat hunting, supported by the tools Sophos EDR provides.

PLUS if you attend all seven sessions, you’ll earn a Sophos EDR Certified Admin Certification.

Session 1 – Thinking Like A Threat Hunter

March 2 | Greg Iddon

In this introduction to threat hunting, we’ll look at what it is, and why it’s fast becoming a necessary skill for maintaining a secure network. Then we’ll take a high-level look at how to conduct a threat hunt, using some easily available tools, and set the scene for the rest of the Threat Hunting Academy series.

Session 2 – Threat Journey: Running Code On Remote Systems

March 3 | Ashek Kreowski

Join Ashek as he looks at how attackers execute code and deliver payloads to remote systems, covering common methods used. He’ll explain why they can be difficult to detect, and how Sophos EDR can help.

Session 3 – Threat Journey: Gaining A Privileged Foothold

March 4 | Kris Wayman

Once an attacker has a foothold in a network, how do they keep it and then elevate their privileges to gain wider permissions? Kris will explain some of the scenarios we often see, as well as how you can detect this sort of activity, and how Sophos EDR can support you.

Session 4 – Threat Journey: Understanding the Target Environment

March 9 | Andy Martin

In this session, Andy will look at how an attacker explores and maps out the environment they’ve got into, and how they can then move to other parts of the network to carry out different tasks. They’ll try to stay hidden, but we’ll show you how Sophos EDR can spot this type of activity!

Session 5 – Threat Journey: Remote Access Control

March 10 | Matt Hickey

Having got into the network and found something of interest, how does an attacker get data out and use the environment’s resources for their benefit? Matt will dive into some examples, and show how Sophos EDR offers you the best protection.

Session 6 – Using the EDR Threat Hunting Framework

March 11 | Andrew Mundell

Building on the Threat Journey sessions, Andrew will present and discuss the EDR Threat Hunting Framework; a simple to use reference guide and workflow for undertaking threat hunting with Sophos EDR. He’ll demonstrate all of this with a live threat hunt, so you’ll get the chance to see how it’s all put into practice.

Session 7 – Live Threat Hunting Exercise

March 16 | Nick Fisher & Matt Hickey
In our final session, you’ll get the chance to put everything you’ve learnt together and work through a live threat hunt with us. Join us as we investigate a potential breach, and help guide us as we use the power of Sophos EDR to detect and manage threats. To round the session off, we’ll discuss how you can apply all of these principles to your own environment, and some resources you can use to support you.

 

2021 SOPHOS THREAT ACADEMY

March 2-16, 2021

Related news

English