eLS THP (Threat Hunting Professional)

I have seen a few posts about it, but how many people on here have completed the course? I have done analyst work in the past and some pentesting, but no specific threat hunting. This is a skillset I am looking to develop and outside of SANS (which is way out of budget right now), this is the only other course I can really find.
For anyone who has done it, did you find the content worth it? I've worked through their PTS and PTP courses and thought the material was good, but I have heard that some of the other courses are not as well designed. If you do hunting in your day-to-day and have done the course, do you feel it teaches real-world hunting or is it more of an academic "this isn't how we actually do it"?
Comments
Check the syllabus topics and you might just have to take a leap of faith on your own judgment.
2023 Cert Goals: SC-100, eCPTX
The main downside I have when it comes to looking at the syllabus is that I don't do threat hunting in my current role, so I don't know if the course is comprehensive or not. I've always been positive about eLS and their training, so I don't doubt the course is good. A lot of the recent eLS bashing seems to be over them adding so many new courses and raising some of the pricing, so I don't know if the negative reviews are legit or just people upset. This course will be completely out of pocket for me though, so I definitely want the most bang for my buck.
I hope I can become one of those 7 people. I think elite would be a good choice.
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
- b/eads
I know you work with SIEM a good bit, do you feel the course is geared more towards threat hunting in a SIEM or in more of an on-system incident response situation? Do you feel like there has been a good ROI or do you think you already had a good grasp of the majority of the content prior to the course?
For the course itself, do you feel the content is well thought out? I've heard a ton of complaints about PTX feeling incomplete. I am hoping this is not the case for THP.
I cannot say that the course is lacking. I believe it has the right amount of content for someone who is starting off into a security analyst position. You do have to have a computer background (like any security professional should); it covers some basics and quickly moves into the stuff for the hunting aspect. I haven't made it into the endpoint/SIEM part but it has been good quality material. It really provided the foundation I needed for some ideas I was tossing in my mind that I didn't have a starting place for.
Once I get done with the SIEM part, I will circle back to you.
The labs do not feel like they have a lot of meat in them; it's like, build this IOC and look for this result so far. That doesn't feel very robust to me. For the intro price, it was the right cost. Then again, to get a decent threat hunting cert, you'd have to go into the SANS route, FOR508 or FOR572 or SEC511 or SEC599, and each is in the 6300 price range. So it depends on your threshold for investment.
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Shortly after completing this course I was able to get my hands on the SANS 508 (Advanced Digital Forensics, Incident Response, and Threat Hunting) course material from a colleague and felt that the ELS THP course helped better prepare me for that advanced level course. It isn't right to compare both courses as the THP guides you gently into threat hunting and some basic IR processes while SANS 508 ramps up fairly quickly. In addition, ELS is practically 15-20% of the price of SANS 508.
I never took the THP exam as I've been concentrating on the SANS 508 material and trying to prepare for the GCFA.
2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
Twitter: https://twitter.com/Malware_Mike
Website: https://www.malwaremike.com
SANS would be ideal, maybe in the future
My personal recommendation - look at the forum before starting any Lab - in this case everything should go smoothly.
2019 Goals:
eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Looking online for other people, I saw as little as 4 hours up to 25 business days. Those were for other exams though.
The exam is definitely a nice surprise compared to the course work.
How about SLA? I was really surprised, even more than with exam challenges.
2019 Goals:
eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610