Just a quick note to say that all of Season 2 is now available at the on-demand page, for you to review and please share with colleagues! https://events.sophos.com/sophosthreathuntingacademy2  We have one more video to come which will...

Having attended the series, to become a Sophos XDR Certified Admin, you now just need to take a short test to validate your knowledge. Completion of this (the pass mark is 80%) will automatically send over your certificate, which you can print out an...

I really enjoyed today's session - I hope you did too! Really interesting content from Brandon, and great to see the power of Firewall and Server working together. There's a number of good Threat Simulation platforms as we discussed in today&...

Great sessions this week - thanks to all of you for joining in with the conversations. Here's some of the areas Ben covered in his session, and the resources that you might want to explore further... As mentioned in our discussions it's ofte...

Great to see so many of you on the sessions today - thanks for tuning in and getting stuck into the interactive side. It's really good knowing we have so many keen threat hunters out there! Here's a collection of resources from Ashek - please do let ...

We're less than 2 days out from kicking off the next season of the Sophos Threat Hunting Academy, and I for one can't wait to get started! We have some much we want to share with you this time round, and the power you can add to your threat hunting w...

I have some very exciting news - the Sophos Threat Hunting Academy is back! We're all so excited about getting to do this again, and can't wait to get started! Starting 14th July, we have 4 new live and interactive sessions for you, this ti...

Introduction

Welcome to the Sophos EDR Threat Hunting Framework. This document is intended to guide an experienced threat hunter through the process of initiating a hunt, gathering and enriching data, then taking the required action…

I hope you all enjoyed the series as much as we did in running it - it sounds from talking to some of you that the topics covered were useful and it was great to see so much interaction during the sessions. We plan to to run another Threat Hunti...

Having attended the series, to become a Sophos EDR Certified Admin, you now just need to take a short test to validate your knowledge. Completion of this (the pass mark is 80%) will automatically send over your certificate, which you can print out an...

Welcome to Monday everyone!  We're busily getting ready for our final session in the series tomorrow, where we'll be running through a live threat hunt with all of you. Can't wait to get started with it - should be fun Don't fo...

Hope you all enjoyed today's session - I love seeing this end of the chain; as Ben said on the EMEA session, this is the 'fun' bit where everything we've learnt so far comes together! Here's links to a few resources that we mentio...

Great to see so many of you on the session today and interacting - thanks! I hope the new platform worked well for you. Here's a few query resources that I wanted to share following Andy's session: https://community.sophos.com/intercept-x-endpoin...

Thanks Kris for a great session today!  Kris used quite a few queries which are listed below for you to test out and use on your network: RDP Status- https://community.sophos.com/intercept-x-endpoint/i/device/simple-query-to-audit-microsof...

Just a quick note to say that session 1 is now available at the on-demand page, for you to review and please share with colleagues! https://events.sophos.com/threatacademyondemand  We'll get other sessions up as soon as possible after they&#...

Great interaction again on today's session - thanks for joining in! I loved having a proper look at how code can be executed on your network and devices, and what Sophos EDR can do to help you threat hunt. We'll see more of that power in the remainin...

I hope you enjoyed the first session - that's just a taster of the amazing content we've got for you in the next couple of weeks! There were a couple of resources mentioned in the session which I've listed below for reference in case: VirusTotal -&n...

Welcome! This page is where we'll post any follow-on resources from the Threat Hunting Academy series, so that you can continue to learn and explore after the sessions. Do let us know in the Comments below if you have any feedback or extra informati...