WEEK 4: Cyber Threat Monitoring

12/21/20 - 12/23/20

DAY 16

Monday 12/21

Syllabus: This series of lectures is designed to transfer practical knowledge and critical thinking that connect directly to the skills you will be using during your CyberShip journey. Cyber threat hunting is something the MISI team is engaged in daily. There is a wide array of cyber careers that involve some aspect of threat hunting. Threat hunting in cyber is the set of tactics, techniques and tools used to seek out indicators of a compromise on a computer network, device or software, to name just a few examples. A threat hunter seeks to find the anomalies in data, behaviors and other sensory data to detect an actual or potential cyber threat. Cyber threat hunting is part of the normal set of operations for any modern security operations center (SOC).

This lecture series will focus on using the tools that are encapsulated in MISI's custom platforms, which accelerate the process of threat hunting and the identification of cyber threats and vulnerabilities. The techniques and tools are standards used in the industry. As part of your CyberShip, applying the skills learned, together with knowledge of the processes and tools, will set a foundation for cyber opportunities in the government and commercial workforce.

You will be able to:

  1. Exercise the techniques discussed and demonstrated in the lecture to seek out vulnerabilities and cyber threats in the MISI customer networks
  2. Analyze critical vulnerabilities and use tools, techniques and information repositories to understand the vulnerability and/or cyber threat and develop solutions to mitigate the vulnerability or active cyber threat
  3. Write basic threat intelligence reports to support Defense Industrial Base customers in their cyber resilience and compliance objectives
  4. Conduct research needed to develop an understanding of a cyber threat or vulnerability and to grade the threat with confidence such that it can be elevated to the next level for processing
  5. Describe the purpose of a network map
  6. Conduct basic analysis of how a cyber threat or vulnerability connects to the NIST and/or CMMC cyber standards and practices
  7. Understand how the tools collect threat information
  8. Understand the CVSS cyber vulnerability scoring system
  9. Understand and describe how cyber threats differ in IT assets vs control system assets
  10. Understand how the tools are used to fuel the Defense Industrial Base customer’s CMMC compliance process
  11. Understand IPv4 and IPv6 threat scanning challenges, reasons and purpose


Your instructor: The MISI team is staffed with threat hunters who daily apply their skills at different levels of maturity to seek out and mitigate threats to the Defense Industrial Base networks that they monitor, or to discover new and novel ways to address the ever more diverse landscape of cybersecurity threats. Meet one of your lecturers below.

Austin Murdock, PhD

Previously, I was a PhD student in UC Berkeley’s Computer Security research group, advised by Vern Paxson. I was also a member of the Center for Evidence-based Security Research (CESR) and ICSI’s Networking and Security group. Prior to Berkeley, I worked on Network Intrusion Detection and Prevention with Mark Smith at the Massachusetts Institute of Technology Lincoln Laboratory and platform security at the Johns Hopkins University Applied Physics Laboratory. Outside of the lab, I enjoy mentoring students in several of UC Berkeley’s mentorship programs, SEED scholars, CS scholars, SUPERB REU, and Berkeley Science Network.

Austin interned at the Department of Defense (DOD) during his senior year in high school, and graduated from the University of Maryland Baltimore County in computer science. His academic achievements include graduating in the top five percent of Chesapeake Senior High School, being a Meyerhoff Scholar, a Certificate of Merit, and membership in both the National Honor Society and the World and Classical Languages Honor Society.

The Defense Industrial Base Sector is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements.

The Live DIB sessions will engage you in real work experience in the areas of penetration testing assessments, CMMC policy reviews, vulnerability research and threat assessments. You will participate in group video calls designed to assist small and medium-sized businesses. You will apply daily the concepts you learned in lectures, on-demand training, hands-on demonstrations and cyber skills exercises. The tasking that will be part of these engagements will allow interns to utilize a variety of skills and participate in important decision making associated with cyber investments, vulnerability mitigation and the shaping of cyber compliance policy.

DAY 17

Tuesday 12/22

Good morning, it's back to work! In this session you will log in to Jensie and begin the process of analyzing vulnerabilities, conducting threat intelligence research and writing threat intelligence reports. You will assist with writing the system security plan (SSP) and the plan of action and milestones (POA&M).

DAY 18

Wednesday 12/23

Hope you are looking forward to the holiday. Hackers, especially overseas hackers, are super active during the holidays. They take the opportunity to find vulnerabilities in US companies, knowing that staff are away for the holidays. Today you will continue to review all of the levels of data inside of Jensie from the sensors and the penetration testing campaigns, looking for cyber threats. You will also review CMMC compliance data and evidence uploaded by our customers.