RSA Netwitness Endpoint (ECAT) Hunting Guide Cheat Sheet

Document created by RSA Link Team Employee on Nov 8, 2016
Last modified by RSA Link Team Employee on Nov 8, 2016
Version 2

This guide was designed to assist in hunting with Netwitness Endpoint (ECAT). It contains some of the more important information from the Hunting Guide, in an easy-reference format. The second page is split into two parts: RED for a strong indication of malware, and YELLOW for a good indication. The Cheat Sheet should be printed out front to back and laminated.


******* UPDATE v1.1 *********

Removed references to $FN and $SI dates since they are no longer available in the UI