eLearnSecurity’s Certified Threat Hunting Professional is an expert-level certification that proves your threat hunting and threat identification capabilities. Students are tested through real-world scenarios modeled after cutting-edge malware that simulates corporate network vulnerabilities.
Here are some of the ways eLearnSecurity Certified Threat Hunting Professional v2 certification is different from conventional certification:
- Instead of putting you through a series of multiple-choice questions, you are expected to perform an actual threat hunt on a corporate network. The examination is modeled after real-world scenarios and cutting-edge malware.
- Not only are you expected to use advanced methodologies to conduct a thorough threat hunt, you will also be asked to propose defense strategies as part of your evaluation. A skillset like this will make you a valuable asset in the corporate sector.
- You must provide proof of your findings to pass the eCTHPv2 certification. That means identifying any threats and deploying creative, original thinking during your hunt.
By obtaining the eCTHPv2, your skills in the following areas will be assessed and certified:
- Network packet/traffic analysis
- Data enrichment with Threat Intelligence
- Data correlation
- In-depth knowledge of tools such as Wireshark, Redline & IOC editor
- IOC-based threat hunting
- Memory analysis/forensics
- Windows/Linux event analysis
- Log analysis
- Detection of any stage of the “Cyber Kill Chain” (Information Gathering, Exploitation, Post-exploitation)
The eCTHPv2 is a certification for individuals with a highly technical understanding of networks, systems and cyber attacks. Everyone can attempt the certification exam, however here are the advised skills necessary for a successful outcome:
- Letter of engagement and the basics related to a threat hunting engagement
- Advanced networking concepts
- Threat hunting processes and methodologies
- Packet/traffic analysis
- Enriching data with Threat Intelligence
- Familiarly with tools such as Wireshark, Redline, IOC editor, Sysmon & Volatility
- How to detect all stages of the “Cyber Kill Chain”
- Familiarity with IOC-based hunting
- Ability in analyzing memory dumps
- Good understanding of Windows events
- Ability in analyzing logs
- Manual threat detection through process analysis
- Ability in correlating data from various sources
eLearnSecurity’s eCTHPv2 is the only certification for Threat Hunters that evaluates your abilities inside a fully featured and real-world environment.
Candidates are provided with a real world engagement within INE’s Virtual Labs. Once valid credentials are provided for the certification platform, the candidate can perform the tests from the comfort of their home or office. An Internet connection and VPN software is necessary to carry out the exam.
There are two ways to become an eCTHP:
1. Purchase an INE subscription and take the Threat Hunting Professional learning path.
The Threat Hunting Professional path takes you from a basic-intermediate understanding of penetration testing to a professional level.
THP Learning Path prepares you to the eCTHPv2 exam with the necessary theory and a number of hands-on practical sessions in Hera Lab. Hera virtual lab in VPN, is the same environment in which you will perform your tests for the eCTHPv2 exam.