eCTHP - eLearnSecurity Threat Hunting Professional

Decided to start a thread regarding this certification. I was in the deep with some shellcoding for the eCPPT and decided since the THP course is shorter, to go ahead and start it. I am planning to finish it by the end of January and let you guys know how it is.
Background:
I do a lot of work with SIEM and vulnerability management in my current role. Also, my team is now focusing on some hunting as part of our day-to-day. I went into the pentesting route since it was something I never knew much about and I wanted to challenge myself. I went through the eJPT (eLearn Junior Pentest), did the GPEN, and have been working through the material with the eCPPT. It has been slower than I hoped since I am learning about a lot of new things I never knew about. I am interested in the red team stuff more out of curiosity than being a full-fledged pentester. Would I take a job as a pentester? Probably, but it is not the priority. I am more interested in defense, and since it has been more expensive to do some of the defensive courses with SANS (SEC555 and SEC511), this course came at the right time and right price.
Day one:
Downloaded all PDFs and will be starting the first module this week.
More to follow...
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Comments
2019 Goals:
eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
It’s not a lot of content. I think the value comes from the one-stop place. With the discount and free upgrade I believe it is extremely worth it. If you want to get into blue team topics and don’t have a lot of money to invest, getting this at full price is a better deal than waiting to get selected for a work study at SANS for one of their blue team courses.
Haven’t done any lab yet.
More to follow
How's the video? Maybe you can give a review of 1-2 labs first? Since I think many people are waiting for your review.
2023 Cert Goals: SC-100, eCPTX
As far as usefulness for my job; I got some value so far with some of my goals for next year. We are building a threat hunting part to our list of things we do for next year. I am already seeing ways of implementing this into that program.
Opinion: If you wanna do blue team and are getting a discount on it, buy it. If your company is paying for it, buy it. If you are going to pay full price, let it be bc you want to get into a security analyst job and you want some good skillsets for that.
Towards the very bottom of this year in review page.
You ain’t seen nothing yet!
If you thought 2017 was good, watch out for the next one. We’re just getting started, and even more exciting things await us these coming months. Here are a few you should look out for:
- a Hack.me overhaul;
- updates to your favorite courses;
- even more brand new training courses;
- the return of the Ethical Hacker Network!
Before the ball drops and the fireworks start, the team would like to thank each and every one of you for being a part of our eLS community, and for helping us reach new heights, year in and year out. Have a Happy New Year, everybody!
Roughly 3 1/2 hours and I am still in the first module. I am also taking some time to read over resources they provide. I am looking forward to the packet analysis.
The lab was a little lacking. I felt it could have been a bit more involved, but the directions didn't really show you much; you had to go into the solution to know what they wanted from you. They didn't really talk about YARA as much as I would have liked personally. They just covered it in passing and how to use it locally. Not sure if this will circle back when it gets to more of the endpoint portion.
I also purchased this course as it was fairly cheap compared to other courses (SANS) and offered some of the material I was looking to study. In addition, I've purchased the PTS and PTP courses from them in the past and was extremely satisfied. Up to this point I completed the first section, Threat Hunting, and the last section, Endpoint Analysis, and enjoyed the material for the most part. I was happy to see that Redline and Volatility were covered, but I felt that they could have gone into greater detail in the malware analysis section.
Regarding SIEM, there is a section within Endpoint Analysis that reviews search methodologies and hunting techniques for specific attacks such as mimikatz, code injection and keyloggers. While it does provide specific details for specific attacks, it also provides a general overview on how you should conduct your hunts. The videos reviewed the concepts in better detail and the labs provided great practical experience.
On to the last section, Network Analysis.
I've paused my progress on the threat hunting course as well as I'm starting the GCIH next week!
Finished the GWAPT and I have some time between now and the July COHORT for CCNA CyberOps. I have decided to attempt to complete what I have left with the eTHP, which is the endpoint section. This covers Windows process/malware/SIEM/hunting, so I believe I can get through most of it. I am going to update this post as I go further along. Hopefully I can do the exam before the next course starts.