RSA NetWitness Endpoint Foundations

Created by Catherine Robichaud Employee on Jun 3, 2020

Monday, June 15, 2020 at Live Virtual Classroom Training

Starts at 10:00 AM · Ends on Jun 16, 2020 at 6:00 PM, EST (America/New_York)

  • Catherine Robichaud

This classroom-based training provides a general introduction to RSA NetWitness Endpoint analysis. Students will participate in both lecture and hands-on experience using the RSA NetWitness Endpoint Analytics tool. The course consists of about 50% hands-on lab work, using a virtual lab environment.


Recommended Prerequisite Knowledge/Skills

No prerequisite requirements but basic knowledge of malware, networking fundamentals and general security analysis concepts is recommended.


Course Objectives

Upon successful completion of this training, participants should be able to: 

  • Describe what RSA NetWitness Endpoint is and what it does
  • Identify architecture components
  • Deploy a new endpoint agent
  • Interpret risk scores and alerts based on endpoint data
  • Explore metadata derived from endpoint scans
  • Customize data types available in user interface
  • Perform basic file and host analysis
  • Obtain file and memory samples for forensic analysis
  • Identify potentially malicious timestamp mismatches in MTF files


Click HERE to register for this training event. 

If you have any questions please click HERE.

Live Virtual Classroom Training