Interested in hunting? Don’t know where to start? This course is a great place to begin as we will give you a recommended approach for identifying threats using the RSA NetWitness Platform.
This recorded training course provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.
This course is intended for anyone interested in learning a recommended approach for identifying threats using the RSA NetWitness Platform.
Students should be familiar with basic computer architecture, networking fundamentals and general information security concepts. Basic knowledge of the TCP/IP protocol stack is beneficial. It is recommended that students take the following prerequisite courses:
Introduction to the RSA NetWitness Platform
RSA NetWitness Logs & Network Foundations
RSA NetWitness Logs & Network Analysis
Upon successful completion of this course, participants should be able to:
Describe threat hunting and Incident Response roles
Describe the Hunting Guide
Describe the Hunting Methodology
Describe the Hunting Pack meta
Describe RSA NetWitness Platform hunting tools
Identify protocol/service anomalies
Identify indicators of malicious traffic
Use hunting techniques, methodology and tools to detect threats