Threat Detection
Threat Hunt Foundations (Non-destructive)
Frame hypotheses, scope data sources, and document negative findings responsibly.
- Duration
- 4 weeks
- Format
- Cohort
- Tuition reference
- ₩720,000
Tuition is informational only on this marketing site. For enrollment steps, use the contact form.
Schedule informationProgram narrative
Hunting is not guessing wildly. You will practice hypothesis cards, timeboxing, and evidence preservation habits suitable for production tenants. Exercises stay read-only and emphasize collaboration with operations owners.
What you practice
- Hypothesis card templates
- Read-only lab tenant with scripted narratives
- Negative finding writeups that still add value
- Stakeholder update samples
- Pair hunting with rotating partners
- Mentor office hours on scoping traps
Artifacts you can show
- Complete two scoped hunts with documented negative space
- Explain data source limits before expanding scope
- Produce a stakeholder recap under five hundred words
Lead mentor
Daniel Rhee
Detection engineering mentor focused on sustainable detections rather than one-off spikes.
FAQ
None. Any action that could modify tenant data is out of scope and blocked in labs.
Recent learner notes
Hypothesis cards stopped our team from duplicating hunts every sprint.