NetWitness Endpoint Analysis
I am new NetWitness Endpoint 4.4.
I need some advise/pointers on analysis in Netwitness.
Please point me to some guides or posts that can help me to do my analysis.
Advise on how to score some low hanging fruits by performing whitelisting of files,
e.g Can i go ahead to whitlelist all files which Signature is Valid:Microsoft Windows?