The CCFH certification confirms our MPGSOC analysts are able to perform deeper investigative detection analysis and response, as well as machine timelining and event-related search queries, insider-threat-related investigations, and proactive investigations (threat hunting).
A successful CrowdStrike Certified Falcon Hunter is capable of the following:
Understand all aspects of detection investigation
Navigate among and use multiple views in the Falcon console to perform automated queries such as IP and domain searches and timelining using Splunk event searching
Understand event data structure and relationships
Conduct simple and intermediate search queries using Splunk