RSA NetWitness Platform Introduction to Hunting (Singapore)

Created by Catherine Robichaud Employee on Oct 28, 2020

Sunday, February 21, 2021 at Live Virtual Classroom Training

Starts at 8:00 PM · Ends on Feb 23, 2021 at 4:00 AM, EST (America/New_York)

  • Catherine Robichaud

This class runs 9AM - 5PM SGT


This classroom training provides an overview of threat hunting and covers hunting tools, content and methodologies that can be used to proactively find suspicious behavior. Students will apply the techniques acquired in this course to identify anomalies and find threats in the environment using Packets, Logs and Endpoint.


Prerequisite Knowledge/Skills

Students should have the following skills or taken the following training (or have equivalent knowledge) prior to attending this course:

• Introduction to the RSA NetWitness Platform

• RSA NetWitness Platform Foundations

• RSA NetWitness Platform Analysis


Course Objectives

Upon successful completion of this course, participants should be able to:

• Describe threat hunting and incident response roles.
• Describe the RSA NetWitness Hunting Guide.
• Describe the hunting methodology.
• Describe the Hunting Pack meta .
• Describe the UEBA Essentials Content Pack.
• Describe the UEBA Essentials Hunting Guide.
• Describe the MITRE’s ATT&CK™ frameworks.
• Describe RSA NetWitness Hunting Cards.
• Describe the basics of hunting with RSA NetWitness Endpoint.
• Describe RSA NetWitness Platform hunting tools.
• Identify protocol/service anomalies.
• Identify indicators of malicious traffic.
• Use hunting techniques, methodology and tools to detect threats.
• Respond to incidents.
• Report findings.

Live Virtual Classroom Training