This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Education Courses
No ratings

NetWitness Platform Introduction to Hunting 11.5

JosephCantor
Employee
Employee

on ‎2020-11-19 02:40 PM - edited on ‎2021-08-25 06:08 AM by Contributor Contributor

Schedule & Register

Schedule Only 

On-demand

 

 

In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us

 

 

Summary

Interested in hunting? Don’t know where to start? This course is a great place to begin as we will give you a recommended approach for identifying threats using the RSA NetWitness Platform.

 

Overview

This classroom training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.

 

Audience

Anyone interested in hunting with the RSA NetWitness Platform

 

Duration

2 days

 

Prerequisite Knowledge/Skills

Students should have the following skills or taken the following training (or have equivalent knowledge) prior to attending this course:

• Introduction to the RSA NetWitness Platform

• RSA NetWitness Platform Foundations

• RSA NetWitness Platform Analysis

 

Course Objectives

Upon successful completion of this course, participants should be able to:

• Describe threat hunting and incident response roles.
• Describe the RSA NetWitness Hunting Guide.
• Describe the hunting methodology.
• Describe the Hunting Pack meta .
• Describe the UEBA Essentials Content Pack.
• Describe the UEBA Essentials Hunting Guide.
• Describe the MITRE’s ATT&CK™ frameworks.
• Describe RSA NetWitness Hunting Cards.
• Describe the basics of hunting with RSA NetWitness Endpoint.
• Describe RSA NetWitness Platform hunting tools.
• Identify protocol/service anomalies.
• Identify indicators of malicious traffic.
• Use hunting techniques, methodology and tools to detect threats.
• Respond to incidents.
• Report findings.

 

Course Outline

  • Threat hunting
  • RSA NetWitness Hunting Guide and Hunting Pack
  • Hunting Methodology
  • RSA NetWitness UEBA Essentials Contnet Pack
  • RSA NetWitness Hunt Cards
  • Hunting with RSA NetWitness Endpoint
  • Identifying protocol anomalies
  • Indicators of Compromise
  • Attack characteristics
  • Creating a security incident report
  • Hunting for threats

 

Schedule & Register

Schedule Only 

On-demand

 

 

In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us

Was this article helpful? Yes No
0 Likes
Version history
Last update:
‎2021-08-25 06:08 AM
Updated by:
Contributor Contributor
© 2022 RSA Security LLC or its affiliates. All rights reserved.