FALCON 302: Advanced Threat Hunting With Falcon
FALCON 302: Advanced Threat Hunting with Falcon is an intensive three-day program that elevates threat hunting capabilities through expert-curated, real-world scenarios. The course teaches the CrowdStrike Falcon® Adversary OverWatch™ SEARCH (Sense, Enrich, Analyze, Reconstruct, Communicate, Hone) methodology alongside sophisticated hunting techniques and intelligence frameworks. Through hands-on exercises and a culminating capstone project, participants will master advanced threat hunting skills, from initial trigger identification through comprehensive reporting of adversarial activities.
Course Highlights:
- Implementation of the SEARCH methodology for systematic threat hunting
- Application of multiple intelligence frameworks, including the MITRE ATT&CK® framework and the Diamond Model of Intrusion Analysis
- Automation of hunting workflows using CrowdStrike Falcon® Fusion SOAR, APIs, and custom indicators of attack (IOAs)/indicators of compromise (IOCs)
- Development of contextual hunting skills using threat intelligence and situational awareness
- Comprehensive capstone project simulating sophisticated adversary scenarios
