Post by Mandiant (part of Google Cloud)

Effective threat hunting requires more than just the right tools. It calls for a repeatable, intelligence-driven methodology to uncover adversary activity. That’s where we come in. Many security teams struggle to transition from reactive incident response to proactive threat hunting. To bridge this gap, organizations can integrate cyber threat intelligence with a structured approach, like the A4 framework, to build reliable and effective hunt missions. For the first time, Mandiant Academy is bringing our Practical Threat Hunting course out of the virtual environment and delivering it in-person at the Google Reston office from May 19–21, 2026. This instructor-led training is engineered for incident responders, threat hunters, and security researchers who need to operationalize their hunt capabilities. We focus heavily on practical application, teaching you how to leverage endpoint data, build accurate threat models, and establish clear measures of effectiveness for your overarching hunt program. Throughout the course, practitioners will engage in extensive hands-on labs using the command line, Jupyter Notebooks, and forensic tools like Velociraptor to hunt for evidence of compromise across complex scenarios, including: - Social engineering attacks - Advanced network and system compromises - APT nation-state actor activity Finding the adversary is only the first step. True maturity in a hunt program means translating those discoveries into lasting defenses. Attendees will actively develop an actionable threat hunt library to take back to their organizations and learn how to generate operational use cases, including writing Sigma rules based on their hunt missions. If you have a solid foundation in computer and operating system fundamentals and want to elevate your proactive security posture, join us in Virginia to refine your methodology alongside Mandiant experts. https://bit.ly/3Opz7Ic

Video Content