ATT&CK® Threat Hunting Fundamentals

Earning the ATT&CK® Threat Hunting Fundamentals badge verifies that you understand how ATT&CK can be used as a malicious activity model to conduct the six steps of the TTP-based threat hunt methodology. You will understand how to contrast key elements of TTP-based hunting with complimentary approaches, as well as fundamental considerations for characterizing malicious activity or behavior and how to use that information to execute a TTP-based hunt. Knowledge of this process continually shapes information needs and data requirements to inform and develop continual hunt efforts focused on advanced cyber adversary behaviors.