The RSA NetWitness Analysis training course provides a roadmap for adopting Intelligence-Driven Information Security, following the model outlined in the article, “Getting Ahead of Advanced Threats: Achieving Intelligence-Driven Information Security,” a 2012 publication of the Security for Business Innovation Council. RSA NetWitness is used to illustrate the key steps that are critical for incident identification and response. RSA NetWitness Investigator and Informer are used extensively in the hands-on exercises to practice the concepts presented.
By attending RSA NetWitness Analysis workshop, Participants will learn to:
- Identify the security challenges facing companies today
- Describe the Intelligence-Driven Roadmap process
- Describe RSA NetWitness components and architecture
- Apply the scientific method to resolve a security problem
- Access source data through RSA NetWitness Live Manager
- Apply a defined process to Participants investigations
- Differentiate between short-term and long-term strategies for mitigating risk
- Share intelligence Using RSA NetWitness
- Articulate the benefits of various modes of presentation
- Present data using RSA NetWitness Informer
- Describe how to address future challenges and improve response
Participants should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise data networking and communications is required. Programming language experience is helpful but not required. Basic knowledge of the TCP/IP protocol stack is useful.
Security analysts who are new to RSA NetWitness and are responsible for incident identification and response.