Netwitness Education offers three main training paths, these paths are based on the Administrator role, the Analyst and an advances Hunter role, you can find more details for each below:
NetWitness Administrator Path
<-Click badge to view infographic
Audience
Admin level roles within a company, users responsible for managing and supporting the NetWitness platform, as well as basic troubleshooting and configuration
Recommended courses(in order):
NetWitness Platform Foundations
This training includes role and fundamental concepts of the NetWitness Platform. Threat visibility and analysis capabilities available via such tools as email reconstruction, event and file analysis, and meta keys are discussed, as well as basic architecture and data flow. Another section demonstrates the Platform in action when drawing data from infrastructure logs, network packet capture, and endpoint monitoring
NetWitness Platform Administration I
This classroom-based course provides an overview of essential administrative tasks that are performed in order to get the RSA NetWitness Platform up and running. Students gain insight into configuring hosts and services and managing users within RSA NetWitness Platform and gain practical experience by performing a series of hands-on labs.
NetWitness Platform Administration II
This classroom training provides students with the knowledge and skills related to the administration and operation of the RSA NetWitness Platform. Topics covered include NetWitness Platform Services, Health and Wellness, Event Source Monitoring, backup and recovery, and administration tools for monitoring and troubleshooting the NetWitness platform. Students will gain practical experience by performing a series of hands-on labs.
NetWitness Endpoint Foundations
This classroom-based training provides a general introduction to RSA NetWitness Endpoint analysis. Students will participate in both lectures and hands-on experience using the RSA NetWitness Endpoint Analytics tool. The course consists of about 50% hands-on lab work, using a virtual lab environment.
NetWitness Analyst Path
Audience:
Analyst level roles within a company, users responsible for creating, monitoring, analyzing and investigating alerts and security related events using the NetWitness platform
Recommended courses(in order):
NetWitness Platform Foundations
This training includes role and fundamental concepts of the RSA NetWitness Platform. Threat visibility and analysis capabilities available via such tools as email reconstruction, event and file analysis, and meta keys are discussed, as well as basic architecture and data flow. Another section demonstrates the Platform in action when drawing data from infrastructure logs, network packet capture, and endpoint monitoring
NetWitness Platform AnalysisThis training provides hands-on experience using the RSA NetWitness Platform to investigate and remediate security incidents. The course consists of about 50% hands-on lab exercises, following a practical methodology from the incident queue through investigation, event reconstruction, damage assessment, and documentation using real-world use cases. Please choose the training course and version below for detailed information and to register.
This training provides recommended methodologies for creating content to assist you in discovering, analyzing and resolving threats in RSA NetWitness Platform. Students will benefit from both lecture and hands-on lab exercises using a virtual environment to practice the techniques learned in class. Please choose the training course and version below for detailed information and to register.
This training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs, and Endpoint. Please choose the training course and version below for detailed information and to register.
NetWitness Hunter Path
<-Click badge to view infographic
Audience
Advanced analyst and threat hunter roles within a company, users responsible for threat hunting and incident response, as well as advanced analysis
Recommended courses(in order):
NetWitness Platform Foundations
This training includes role and fundamental concepts of the RSA NetWitness Platform. Threat visibility and analysis capabilities available via such tools as email reconstruction, event and file analysis, and meta keys are discussed, as well as basic architecture and data flow. Another section demonstrates the Platform in action when drawing data from infrastructure logs, network packet capture, and endpoint monitoring
This training provides hands-on experience using the RSA NetWitness Platform to investigate and remediate security incidents. The course consists of about 50% hands-on lab exercises, following a practical methodology from the incident queue through investigation, event reconstruction, damage assessment, and documentation using real-world use cases. Please choose the training course and version below for detailed information and to register.
NetWitness Platform Introduction to Hunting
This training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs, and Endpoint. Please choose the training course and version below for detailed information and to register.
This private group Instructor-led class gives the students the opportunity to hunt for adversaries in a realistic environment with real-time attacks happening during the class. Students will be provided with several complex, multipart cyberattack use cases to work through, and will be tasked with finding key evidence about the attack, identifying targeted and compromised systems, reconstructing the sequence of events, and proposing a remediation plan. Students also will compete against each other to collect points through their investigation and by answering questions. They can also get hints that will cost them points from their overall score. Students will be given a minimal amount of introductory information and will conduct their analyses using their knowledge of networking protocols, endpoint operating systems, and common cyber-attack vectors.
For any additional questions please reach out to us at education.support@netwitness.com
