Threat Hunting Master Course

Threat Hunting Master Course

Mossé Cyber Security Institute teaches students a unique approach to threat hunting based on data science, active deception and the development of custom intrusion detection tools.

In this five-day master course, students will learn how to hunt for threat actors on large scale computer networks. No prior knowledge in incident response, threat hunting, reverse engineering or malware analysis is required prior to attending this course. Detailed step-by-step instructions will be given, and students will leave this course with practical skills to hunt for attackers on their networks, or their clients’ networks.

Our approach to teaching Threat Hunting is to teach the fundamental concepts and strategies that can be used to detect threat actors on any operating systems and types of networks. In this way, we ensure that our students can immediately apply the techniques they have learnt, and rapidly build upon their skills to hunt for more complex attack techniques.
Theoretical knowledge makes up 40% of the course content, and 60% is devoted to practical exercises. At the end of the course, a Threat Hunting exercise is conducted that can be reproduced at your workplace.

Course Outcome
You will learn strategies and tactics to deliver threat hunting campaigns on large scale computer networks:
  • The threat hunting process and how to build a threat hunting team
  • Key Windows internals knowledge for threat hunting
  • How to use data science to hunt for adversaries on large networks
  • Search for indicators of compromise (IOCs) across the entire kill chain
  • Build your own compromise assessment tools
  • Build your own real-time endpoint detection and response tool
  • Rapidly reverse-engineer malware
  • Extract indicators of compromise on the network and the endpoints
  • Rapidly respond and contain intrusions

Intended Audience
Newcomers to the IT security industry, security analysts, threat hunters, incident responders, malware analysts, security engineers, and forensics analysts.


This course is taught by experienced Mossé Security’s instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services for a multitude of industries that have involved complex and multi-faceted approaches. Our instructors each possess the right balance of corporate experience and are competently skilled in presenting and teaching to groups.

Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.

What value do I receive when I attend a course with MCSI?

Notify Me!

We contact you next time this course runs

Course Overview