The RSA NetWitness Platform Hunting - Essentials training course provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. You will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.
By attending RSA NetWitness Platform Hunting - Essentials workshop, delegates will learn to:
- Describe threat hunting and incident response roles
- Describe the RSA NetWitness Hunting Guide
- Describe the hunting methodology
- Describe the Hunting Pack meta
- Describe the UEBA Essentials Content Pack
- Describe the UEBA Essentials Hunting Guide
- Describe the MITRE's ATT&CK frameworks
- Describe RSA NetWitness Hunting Cards
- Describe the basics of hunting with RSA NetWitness Endpoint
- Describe RSA NetWitness Platform hunting tools
- Identify protocol/service anomalies
- Identify indicators of malicious traffic
- Use hunting techniques, methodology and tools to detect threats
- Respond to incidents
- Report findings
Attend the below training courses or have equivalent knowledge
- RSA NetWitness Essentials
- RSA NetWitness Platform Foundations
- RSA NetWitness Platform Analysis
This RSA NetWitness Platform Hunting - Essentials class is intended for Anyone interested in hunting with the RSA NetWitness Platform