MITRE ATT&CK Defender™ ATT&CK® Threat Hunting


Do you want to learn the MITRE ATT&CK methodology for Threat Hunting? In this MITRE ATT&CK® Defender™ (MAD) Threat Hunting course, you’ll learn how to leverage the MITRE ATT&CK framework to develop hypotheses and analytics that enable you to hunt real-world threats and improve your cybersecurity.

4 hours 42 minutes

Course Description

Who should take this course?

This course is designed for experienced and skilled cybersecurity practitioners who are interested in hunting real-world threats to improve cybersecurity effectiveness.

What are the prerequisites for this course?

You will gain the most benefit from this course if you have mastered the following:

  • MITRE ATT&CK® Defender™ (MAD) ATT&CK Fundamentals Training
  • Familiarity with Windows
  • Familiarity with a SIEM tool like Splunk or ELK
  • Proficiency in basic networking fundamentals (OSI Model and TCP/IP)

Why should I take this course?

In this course, you will gain the following capabilities:

  • Gain foundational education and training on TTP-based hunting
  • Define adversarial behavior of interest
  • Articulate hypotheses and analytics that drive information needs and data collection requirements
  • Refine hypotheses and analytics to power your hunting efforts
  • Determine data requirements
  • Identify and mitigate data collection gaps
  • Implement and test analytics
  • Hunt for and detect malicious activity, and investigate it

What makes this course different from other courses on similar topics?

This course is part of the MITRE ATT&CK® Defender™ (MAD) cybersecurity training and certification program produced by MITRE's own subject matter experts. The lead instructor for this course, Steve Luke, is one of the authors of this methodology at MITRE and is truly an expert in this field. You will be learning how to leverage ATT&CK for threat hunting from the people who created the ATT&CK framework.

Why should I take this course on Cybrary and not somewhere else?

This course enables you to learn from the foremost experts in the field, and our on-demand format affords you the flexibility to learn at your own pace.

Instructed By
Steve Luke
Director of Training and Certification for MITRE ATT&CK Defender
Antonia Feffer
Senior Cybersecurity Engineer for the MITRE Corporation
Sean Muehlenhardt Whitley
Cyber Operations Lead
Course Components
On Demand Videos to learn from industry leaders
Certificate of Completion

Complete this entire course to earn a MITRE ATT&CK Defender™ ATT&CK® Threat Hunting Certificate of Completion