RSA NetWitness Platform Analysis

Created by Catherine Robichaud Employee on Jun 23, 2020

Monday, August 24, 2020 at Live Virtual Classroom Training

Starts at 10:00 AM · Ends on Aug 25, 2020 at 6:00 PM, EST (America/New_York)

  • Catherine Robichaud

This training provides hands-on experience using the RSA NetWitness Platform to investigate and document security incidents. The course consists of about 50% hands-on lab work, following a practical methodology from the incident queue through investigation, event reconstruction, damage assessment, and documentation using real-world use cases


Prerequisite Knowledge/Skills

Students should have familiarity with the basic processes of cybersecurity analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.


Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:

RSA NetWitness Platform Foundations


Course Objectives

Upon successful completion of this course, participants should be able to:

  • Identify Analyst roles and SOC models
  • Describe incident types and methods to prioritize incidents
  • Describe the Incident Response process
  • Use analysis tools and interfaces to perform incident response
  • Describe the Investigative Methodology
  • Describe a systematic approach to investigate metadata
  • Describe the Investigation Model
  • Identify types of threats
  • Use the incident response process, the investigative methodology and tools to investigate multiple use cases using packets, logs and endpoint



Click HERE to register for this training event. 

If you have any questions please click HERE.

Live Virtual Classroom Training