Core Principles of Threat Hunting Techniques
Posted 5 days 22 hours ago by Starweaver
Hunt threats proactively with ML and data science tools
Reactive alerts aren’t enough anymore. Learn to hunt threats proactively using data science and machine learning, moving beyond waiting for alerts to actively searching for hidden adversaries in your environment.
You’ll work with Splunk and Jupyter notebooks to analyse logs, build hypotheses, and uncover stealthy threats that automated systems miss. By the end of this course, you’ll have practical skills to operationalise ML-powered threat hunting at scale.
Mastering the threat hunting lifecycle
Explore structured methodologies like the MITRE ATT&CK framework and learn to prioritise hunts based on intelligence and gaps in your telemetry.
Using Jupyter environments, you’ll practise iterative hypothesis testing and refinement, uncovering adversaries that slip past your automated defences.
Analysing logs with data science tools
Learn to use Pandas for data manipulation and Seaborn for spotting anomaly patterns. Visualise temporal correlations in network and endpoint data with Matplotlib, while statistical techniques establish what “normal” looks like in your environment. With these skills you’ll transform overwhelming data into actionable intelligence.
Applying ML algorithms and Splunk hunts
Implement anomaly detection algorithms like Isolation Forest to identify outliers efficiently, and use DBSCAN clustering on complex telemetry data with confidence. In Splunk, you’ll write SPL queries that execute scalable production hunts.
Master end-to-end investigations from hypothesis through to validation with the confidence to operationalise ML-powered hunting in your own environment.
This course is ideal for SOC analysts, threat hunters, blue team engineers, and cybersecurity professionals seeking hands-on ML skills for threat detection.
- Explore the threat hunting lifecycle and how ML augments hypothesis-driven investigation.
- Analyze raw log data by cleaning, enriching, and visualizing it using Pandas, Seaborn, and Matplotlib in Jupyter.
- Apply anomaly detection techniques such as Isolation Forest and DBSCAN on telemetry data.
- Design and execute a complete ML-based hunt in Splunk and Jupyter to detect suspicious behavior.
