This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Education Courses
No ratings

NetWitness Platform Introduction to Hunting 11.5 ODC

ElynnKoh
Contributor Contributor
Contributor

on ‎2021-10-28 08:52 AM - edited on ‎2022-04-29 06:14 AM by Frequent Contributor Frequent Contributor

 This Course is currently undergoing some updates, appreciate your patience as we are working on bringing for you the best training experience.

 

Netwitness-Education-2C (2).png

 

Access Training
for Customers/Partners

Access Training
for NetWitness Employees

 

 

 

Check out the newly released 11.6 ILT class here

 

Summary

Interested in hunting? Don’t know where to start? This course is a great place to begin as we will give you a recommended approach for identifying threats using the NetWitness Platform.

 

Overview

This classroom training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.

 

Audience

Anyone interested in hunting with the NetWitness Platform

 

Duration

2 days

 

Prerequisite Knowledge/Skills

Students should have the following skills or taken the following training (or have equivalent knowledge) prior to attending this course:

Introduction to the NetWitness Platform

NetWitness Platform Foundations

NetWitness Platform Analysis

 

Course Objectives

Upon successful completion of this course, participants should be able to:

• Describe threat hunting and incident response roles.
• Describe the NetWitness Hunting Guide.
• Describe the hunting methodology.
• Describe the Hunting Pack meta .
• Describe the UEBA Essentials Content Pack.
• Describe the UEBA Essentials Hunting Guide.
• Describe the MITRE’s ATT&CK™ frameworks.
• Describe NetWitness Hunting Cards.
• Describe the basics of hunting with NetWitness Endpoint.
• Describe NetWitness Platform hunting tools.
• Identify protocol/service anomalies.
• Identify indicators of malicious traffic.
• Use hunting techniques, methodology and tools to detect threats.
• Respond to incidents.
• Report findings.

 

Course Outline

  • Threat hunting
  • NetWitness Hunting Guide and Hunting Pack
  • Hunting Methodology
  • NetWitness UEBA Essentials Contnet Pack
  • NetWitness Hunt Cards
  • Hunting with NetWitness Endpoint
  • Identifying protocol anomalies
  • Indicators of Compromise
  • Attack characteristics
  • Creating a security incident report
  • Hunting for threats

 

If you have any questions, please contact your account manager or Contact Us directly!

Was this article helpful? Yes No
Version history
Last update:
‎2022-04-29 06:14 AM
Updated by:
Frequent Contributor Frequent Contributor
© 2022 RSA Security LLC or its affiliates. All rights reserved.