May 21, 2023 · Tommi Hovi · ATT&CK Threat Hunting and Detection Engineering


ATT&CK Threat Hunting and Detection Engineering Certification
After completing the ATT&CK® Threat Hunting Instructional Training Program, you should be able to demonstrate foundational knowledge that supports the execution of a six-step TTP-based hunting methodology centered on use of the ATT&CK® Framework. This program is designed for practitioners who can apply a solid understanding of the ATT&CK® Framework and of adversarial behaviors of interest, and who can articulate hunt-directing hypotheses that inform the development of written analytics that drive information needs and data collection requirements. The ability to apply the TTP-based hunting methodology, as demonstrated by successful completion of this program, supports your dedication to securing critical networks and systems against attacks from advanced cyber adversaries.
Learners must earn six distinct ATT&CK® Threat Hunting badges to complete the program. Each badge requires you to demonstrate your ability to conduct the steps of the TTP-based hunt methodology using ATT&CK as a malicious activity model. The TTP-Hunt Methodology demonstrated in this program was developed by a team of MITRE’s own subject matter experts based on research conducted to identify leading practices in threat hunting.
To complete the ATT&CK® Threat Hunting Instructional Program, you are required to earn six distinct badges to demonstrate your mastery of program content. Each badge is earned by correctly answering at least 85% of the associated knowledge questions.
Pre-requisites:
• Practitioners should have a solid understanding of the ATT&CK Framework
• Familiarity with Windows, Splunk or ELK, and networking fundamentals
• We highly recommend taking the ATT&CK Threat Hunting course to facilitate success
Issued on: May 21, 2023
Expires on: Does not expire