Jun
6

RSA NetWitness Logs & Network Analysis

Created by Catherine Robichaud Employee on Apr 24, 2019

Thursday, June 6, 2019 at Bedford - RSA

Starts at 10:00 AM · Ends on Jun 7, 2019 at 6:00 PM, EDT (America/New_York)

  • Catherine Robichaud

This instructor-led classroom-based course provides hands-on experience using the RSA NetWitness Logs & Network tool to identify, investigate and remediate network-based security breaches on your enterprise network. The course consists of about 75% hands-on lab work, following practical use cases from the identification and investigation stages through event reconstruction, damage assessment, and remediation.

 

Audience

SOC analysts relatively new to RSA NetWitness Logs & Network, who wish to increase their familiarity with the tool’s features and functions within the context of SOC breach investigation and analysis.

 

Prerequisite Knowledge/Skills

Students should have familiarity with the basic processes of cybersecurity forensic analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.

 

Course Objectives

Upon successful completion of this course, participants should be able to:

  • Build dynamic dashboards to monitor network alerts
  • Create alerts to populate dashboards
  • Create alerts to populate meta keys
  • Use investigation and event reconstruction techniques to reconstruct breach events
  • Create reports to consolidate alerts across a configurable time period
  • Create alerts to generate incidents in the Incident Queue
  • Assign, document, and remediate incidents from within the Incident Queue
  • Identify, reconstruct, and remediate four sample use cases within the student laboratory SOC environment

 

Click HERE to register for this training event.

If you have any questions please click HERE.

Bedford - RSA

174 Middlesex Turnpike Bedford United States