RSA NetWitness Logs & Network Content Creation

Document created by Connor Mccarthy Employee on Oct 30, 2017Last modified by Matthew Bradley on Nov 16, 2018
Version 17Show Document
  • View in full screen mode

Schedule & Register

Schedule Only

On-Demand

 

 

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

 

Summary

This Instructor-Led course provides recommended methodologies for creating content to assist you in discovering, analyzing and resolving threats in RSA NetWitness Logs & Network.

 

Overview

This Live Instructor-Led course provides recommended methodologies for creating content to assist you in discovering, analyzing and resolving threats in RSA NetWitness Logs & Network. Students will benefit from both lecture and hands-on lab exercises using their own virtual environment to practice the techniques learned in class.

 

Audience

Customer, PS, CS, SE, Partners

 

Duration

2 days

 

Prerequisite Knowledge/Skills

Student should have completed or have comparable knowledge to what is provided in the following course: RSA NetWitness Logs & Network Foundations

 

Course Objectives

Upon successful completion of this course, participants should be able to:

  • Describe content types and identify how and when to use each content type
  • Optimize content for performance and functionality
  • Describe how index settings affect content 
  • Edit index settings to maximize results
  • Identify how to use Live content to address specific needs
  • Describe how to deploy and use the Hunting Pack
  • Describe methodologies for creating content
  • Create a taxonomy for rules and reports
  • Describe how to find and use malicious data in content creation
  • Create reports to verify efficacy of content
  • Use techniques and methodologies to automate threat detection
  • Validate results and refine your approach accordingly

 

Course Outline

  • Content Creation Overview
  • Content Creation Techniques
  • Case Study to Automate Threat Detection

 

 

 

 

 

Schedule & Register

Schedule Only

On-Demand

 

 

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

Attachments

    Outcomes