Stop cyber threats dead in their tracks with new training from Marc Quibell
It’s a busy time for cyber threat hunters, says new Infosec Skills author Marc Quibell.
“The past eight years I've traveled around the United States helping people with their security postures,” Marc said. “I’ve assisted with a lot of incident response and ransomware events that crippled a company or a client.”
Now he’s bringing his 30 years of IT and security experience to Infosec Skills with his new Cyber Threat Hunting Learning Path.
FREE role-guided training plans
Rise in need for cyber threat hunters
As businesses continue moving critical workflows to the cloud, risk and security experts are looking to move away from reactive cybersecurity measures to blocking digital threats before they become a problem.
According to the 2020 Verizon Data Breach Investigations Report, attacks on web applications accounted for 43% of all data breaches — more than double the amount from the previous year — and 27% of all malware incidents were attributed to ransomware. For companies trying to level the playing field and bring some level of control to the threats, cyber threat hunters can be a security game changer.
“At the end of the day, cyber threat hunting is all about vigilance,” Marc said. “It's knowing what is going on in your network and having your finger on its pulse. It’s about understanding that attackers are trying to get in all the time, and you want to be there to make sure you discover threats or any anomalies.”
The new Cyber Threat Hunting Learning Path
The Infosec Skills Cyber Threat Hunting Learning Path consists of six courses and a hands-on project where you'll put your new skills to the test. As you progress through the courses, you’ll build core hunting skills such as intelligence gathering, investigation techniques and remediation methods.
“After taking the new courses, you’ll be able to look at a network and say, ‘Hey, this isn't normal and now I need to take this next step,’” Marc said.
In the Cyber Threat Hunting Project, you’ll work through a real-life scenario to identify anomalies in network traffic patterns and then investigate malware. You'll use Wireshark to examine packet capture files for potential red flags and piece together the clues to identify and defeat the threat.
“Other things a good cyber threat hunter looks at are virus alerts, intrusion prevention or detection alerts,” Marc said. “Intrusion detections do generate more false positives, but they'll give you more anomalous notifications. It may not be an intrusion, but it could be something else. So having tools in place and then monitoring is part of the core of threat hunting activities."
How to get started in cyber threat hunting
For aspiring cyber threat hunters, Marc recommends gaining experience in Linux to understand how to use traffic capturing and other security tools. He says network knowledge is also useful so that you understand the basics of information technology.
“Let's say I'm log monitoring and get a Windows alert and I'm going crazy because I can't figure it out,” said Marc. “Well, you should know what those Windows alerts mean, what they are and what causes those alerts. If you don't, you'll be slower at your job or you’ll have a false sense of security. A good threat hunter doesn’t want either.”
Not every organization has the resources to employ a full-time cyber threat hunting team or contract with an outside security operation center to provide full 24/7 monitoring and threat remediation. That’s why it’s good for every security professional to understand cyber threat hunting at a basic level, Marc said.
“Security is part of the job for most people from analysts to engineers and architects. It's a core responsibility. You need to know how to investigate, how to packet sniff, how to figure out what kind of traffic is occuring. Are you under a brute force attack? Are you under an APT attack? Is it malware? Is the attack coming from somebody inside? Is it somebody outside? Is there a hole in your firewall that's allowing this traffic? All of these questions can be managed by someone with cyber threat hunting skills.”
FREE role-guided training plans
About Marc Quibell
Marc Quibell is a cybersecurity blue team expert with nearly 30 years of professional IT experience. In addition to being an Infosec Skills author, he’s a consultant and security architect with a Bachelors of Science in Technology Information Management from Upper Iowa University and an Associate of Applied Science in Computer Systems Networking from Texas State Technical College in Waco. Marc has been CISSP certified since 2009 and was previously CCNA, MCSE and CRISC certified.
Get unlimited and self-paced training for you or teams in your organization with Infosec Skills.
- 190+ role-guided learning paths
- 100s of hands-on labs & cyber ranges
- Custom certification practice exams
In this Series
- Stop cyber threats dead in their tracks with new training from Marc Quibell
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity