This Live Instructor-Led course provides recommended methodologies for creating content to assist you in discovering, analyzing and resolving threats in RSA NetWitness Logs & Network. Students will benefit from both lecture and hands-on lab exercises using their own virtual environment to practice the techniques learned in class.
Customer, PS, CS, SE, Partners
Student should have completed or have comparable knowledge to what is provided in the following course: RSA NetWitness Logs & Network Foundations
Upon successful completion of this course, participants should be able to:
- Describe content types and identify how and when to use each content type
- Optimize content for performance and functionality
- Describe how index settings affect content
- Edit index settings to maximize results
- Identify how to use Live content to address specific needs
- Describe how to deploy and use the Hunting Pack
- Describe methodologies for creating content
- Create a taxonomy for rules and reports
- Describe how to find and use malicious data in content creation
- Create reports to verify efficacy of content
- Use techniques and methodologies to automate threat detection
- Validate results and refine your approach accordingly
Click HERE to register for this training event.
If you have any questions please click HERE.