on 2021-10-28 08:52 AM - edited on 2022-04-29 06:14 AM by aymanm2
❗ This course is currently undergoing some updates. We appreciate your patience as we work on bringing you the best training experience.
Check out the newly released 11.6 ILT class here
Summary
Interested in hunting? Don’t know where to start? This course is a great place to begin as we will give you a recommended approach for identifying threats using the NetWitness Platform.
Overview
This classroom training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.
Audience
Anyone interested in hunting with the NetWitness Platform
Duration
2 days
Prerequisite Knowledge/Skills
Students should have the following skills or have taken the following training (or have equivalent knowledge) before attending this course:
• Introduction to the NetWitness Platform
• NetWitness Platform Foundations
• NetWitness Platform Analysis
Course Objectives
Upon successful completion of this course, participants should be able to:
• Describe threat hunting and incident response roles.
• Describe the NetWitness Hunting Guide.
• Describe the hunting methodology.
• Describe the Hunting Pack meta.
• Describe the UEBA Essentials Content Pack.
• Describe the UEBA Essentials Hunting Guide.
• Describe the MITRE ATT&CK™ frameworks.
• Describe NetWitness Hunting Cards.
• Describe the basics of hunting with NetWitness Endpoint.
• Describe NetWitness Platform hunting tools.
• Identify protocol/service anomalies.
• Identify indicators of malicious traffic.
• Use hunting techniques, methodology and tools to detect threats.
• Respond to incidents.
• Report findings.
Course Outline
If you have any questions, please contact your account manager or Contact Us directly!