RSA NetWitness Endpoint Foundations

Created by Catherine Robichaud Employee on Oct 28, 2020

Wednesday, February 24, 2021 at Live Virtual Classroom Training

Starts at 9:00 AM · Ends on Feb 25, 2021 at 5:00 PM, EST (America/New_York)

  • Catherine Robichaud

This training provides a general introduction to RSA NetWitness Endpoint: it’s architecture and data flow, analysis workflow and interface, and some of the characteristics of malicious files and behavior it is designed to detect. The two days consist of about 50% lecture and 50% hands-on lab work in a virtual environment.



Anyone new to RSA NetWitness Endpoint interested in increasing their familiarity with the tool’s analysis and admin functionality. Familiarity with other RSA NetWitness Platform tools is recommended. 



Recommended Prerequisite Knowledge/Skills

  • RSA NetWitness Platform Fundamentals
  • Basic knowledge of malware, networking fundamentals and general security concepts.


Course Objectives

Upon successful completion of this training, participants should be able to:

  • Define what NetWitness Endpoint is and what it does
  • Identify architecture components
  • Triage assessment of potentially malicious files and hosts by risk score
  • Navigate the NetWitness Endpoint interface to investigate suspicious files and processes
  • Customize the Endpoint interface 
  • Perform basic threat assessment in context of NetWitness metadata 


Click HERE to register for this training event. 

If you have any questions please click HERE.

Live Virtual Classroom Training