https://polymathmonkey.github.io/weblog/tags/canarytokens/index.htmlHugoen-usAll text is licensed under a Creative Commons Attribution 4.0 International License.Tue, 31 Mar 2026 09:15:02 +0200https://polymathmonkey.github.io/weblog/posts/sans_for608/index.htmlFri, 20 Mar 2026 07:39:00 +0100https://polymathmonkey.github.io/weblog/posts/sans_for608/index.htmlTable of Contents Enterprise Threat Hunting and Incident Response (FOR608) Preparing for the exam: building an index 608.1 — Proactive Detection and Response 608.2 — Scaling Response and Analysis 608.3 — Modern Attacks against Windows and Linux 608.4 — macOS and Docker Containers 608.5 — Cloud Attacks and Response 608.6 — Capstone What I took away from this Enterprise Threat Hunting and Incident Response (FOR608) My employer booked me back in 2025 onto SANS FOR608 in the on-demand version.