The eCTHP is a certification for individuals with highly technical understanding of networks, systems and cyber attacks. Everyone can attempt the certification exam, however here are the advised skills to possess for a successful outcome:

  • Understanding a letter of engagement and the basics related to a threat hunting engagement
  • Deep understanding of networking concepts
  • Knowledge of threat hunting processes and methodologies
  • Good knowledge of packet/traffic analysis
  • Ability in enriching data with Threat Intelligence
  • Familiarly with tools such as Wireshark, Redline, IOC editor, Sysmon & Volatility
  • Good knowledge on how to detect all stages of the “Cyber Kill Chain
  • Familiarity with IOC-based hunting
  • Ability in analyzing memory dumps
  • Good understanding of Windows events
  • Ability in analyzing logs
  • Manual threat detection through process analysis
  • Ability in correlating data from various sources
Go to top of page