Skills
- Azure Hunting
- Cloud IR
- MITRE ATT&CK
- Entra ID Investigations
- Azure RM Investigations
- M365 Threat Analysis
- Azure Telemetry
- Splunk Monitoring
- Detection Engineering
- Cloud SecOps
- Identity Detection
- SOAR Automation
Cyberwarfare Labs
Certified Azure Threat Hunter (CAz-TH) Certificate is awarded to professionals skilled in proactively detecting, investigating, and responding to threats in Microsoft Azure and Microsoft 365 environments. It validates expertise in cloud threat hunting, log analysis, incident response, and adversary behavior analysis across services like Microsoft Entra ID, Azure Resource Manager, and Microsoft 365. The certification is earned through hands-on labs, practical investigations, and successful completion of the final assessment.
Capabilities
The holder of an Active Certified Azure Threat Hunter (CAz-TH) Certificate demonstrates the ability to operate as a cloud threat hunter and incident responder within Microsoft Azure environments.
- Conduct proactive threat hunting across Azure and Microsoft 365 environments.
- Investigate identity threats, suspicious authentication events, and privilege escalation attempts.
- Analyze Azure and Microsoft 365 telemetry to detect malicious activity and account compromise.
- Map attacker behaviors to the MITRE ATT&CK framework and identify cloud attack techniques.
- Detect persistence, lateral movement, and unauthorized resource manipulation in Azure.
- Correlate security events across multiple data sources using SIEM tools such as Splunk.
- Perform incident response activities, including containment, eradication, and recovery.
- Implement automated threat hunting and detection workflows using SOAR and repeatable methodologies.
Next Steps
This certification prepares professionals for advanced roles such as Cloud Threat Hunter, Cloud Security Analyst, SOC Analyst (Azure & Microsoft 365), Incident Responder, Detection Engineer, Cloud Security Consultant, and Security Operations Engineer. Additionally, Learners can further advance and expand their cloud security expertise through the following certifications:
- Google Cloud Red Team Specialist (CGRTS): Focuses on offensive security and red team operations in Google Cloud Platform, including identity abuse, resource exploitation, and attack simulation.
- AWS Cloud Red Team Specialist (CARTS): Covers adversary techniques and red team methodologies in AWS, including identity attacks, privilege escalation, and infrastructure exploitation.
- Azure Red Team Specialist (AzRTS): Focuses on advanced attack simulation in Microsoft Azure, including identity abuse, privilege escalation, resource exploitation, and hybrid cloud attack paths.
Earning Criteria
To earn the Certified Azure Threat Hunter (CAz-TH) Certificate, participants are required to:
- Complete all CAz-TH training materials.
- Successfully finish the guided threat hunting and investigation labs.
- Demonstrate skills in identifying, investigating, and responding to Azure cloud attacks.
- Apply threat hunting techniques using Azure and Microsoft 365 telemetry.
- Meet certification requirements and pass the CAz-TH practical exam.
Connecting You to Advanced Cybersecurity Expertise Worldwide.
Get in touch
Cambridge, United Kingdom, CB2 9SU.