Sophos Threat Hunting Academy: Become a Sophos XDR-certified admin

Registration Now Open: Sophos Threat Hunting Academy Season 3, Feb. 1-9, 2022; 10-11 am PST/GMT/BRT.

Do you ever wonder how our expert threat hunting teams stop attackers in their tracks? See firsthand by attending Season 3 of the Sophos Threat Hunting Academy.

Our focus this season? Threat response. Over the course of five live sessions, we’ll take a deep dive into how Sophos Threat Response teams are able to recognize, contain, and neutralize attacks.

Our experts will walk you through response strategies in real time, demonstrate recommended actions to quickly learn as much as possible about each threat, and present tactics taken to defend against attackers.

By covering critical details such as data cleanup and asset protection, our threat hunters drill into post-attack activities to ensure the wider organizational network is safe, both now and in the future. More importantly, they’ll examine how to prevent similar attacks from reoccurring.

The ultimate goal of the Sophos Threat Hunting Academy is to ensure the plans and measures you already have in place are as effective as they can be — and how to increase effectiveness by putting new ideas and strategies into place.

That’s why the fifth and final session of the series features Sophos experts from our managed threat detection and incident response (MTR) division. In this live panel discussion, we’ll explore what we’ve learned from seeing attacks manifest and then be contained, and we’ll focus on key takeaways that can be applied in your own environment.

Please note: You do not have to attend the initial seasons of our Threat Hunting Academy to enroll in this series. Following the five sessions that make up Season 3, we will distribute a brief test for those interested in becoming a Sophos Threat Response certified admin.

Threat Hunting Academy Season 3 Schedule

Register Here

Session 1 – Responding To An Attack: Initial Response Feb. 1, 2022
Session 2 – Responding To An Attack: Triaging The Issues Feb. 2, 2022
Session 3 – Responding To An Attack: Neutralizing The Threat Feb. 3, 2022
Session 4 – Incident Response: Planning and Prevention Measures Feb. 8, 2022
Session 5 – Season 3 Wrap-Up and Q&A Feb. 9, 2022
  • I didn't receive any notification of where the certification of completion is. Can someone help me find that? 


  • Hi Peter, 

    My sincerest apologies for the confusion. 

    If you take a look at the registration page, you’re able to register for a webinar in your preferred region. Each region's session starts at 10:00 am, of the time zone listed. When registering, you would select the region you live in, which would provide you with accurate timing. 

    I believe if your "Add to Calendar" states 10:00 am GMT, you may have registered for the EMEA region. 

  • What on Earth does "10-11 am PST/GMT/BRT" mean? When I signed up for this I added a calendar entry for 10AM PST. Then on the 31st I received an email reminding me about the sessions and it had "Add to Calendar" links embedded. When I added the entries to my calendar they showed up as 10AM GMT or 5AM EST so I didn't bother even trying to attend.  I figured I would just watch a replay later. Then I found another post that shows these as being 1:00 PM EDT. You would think that a global company like Sophos would know how to put a time on a seminar that people could understand. Can someone tell me when these sessions are scheduled?