EDR: NAM 2-day Trellix Endpoint Detection & Response Admin

Training Overview

Adversaries manoeuvre in covert ways—camouflaging their actions within the most trusted components already in your environment. They don’t always install something tangible like malware, but they always leave behind a behavioural trail. Endpoint detection & response (EDR) continuously monitors & gathers data to provide the visibility & context needed to detect & respond to threats. But current approaches often dump too much information on already stretched security teams. MVISION EDR helps to manage the high volume of alerts, empowering analysts of all skill levels to do more & investigate more effectively. This training prepares SOC Analysts to understand, communicate, & use the features provided by Endpoint Detection & Response. Through hands-on lab exercises, you will learn how to detect advanced device threats, fully investigate, & quickly respond.

Duration: 2 days

Prerequisites

It is recommended that professionals have a working knowledge of the following: 

  • Networking & system administration concepts 
  • Computer security concepts 
  • Network security concepts & practices 
  • Malware analysis, forensics, tactics & techniques

Audience Profile

This training is intended for customers, acting as either or both Analysts & Engineers, responsible for configuration, management, & monitoring activity on their systems, networks, databases & applications using the MVISION EDR solution. Attendees should have a working knowledge of networking, system administration, & computer security concepts, & a general understanding of networking & application software.

Learning Objectives:

This training focuses on enabling you to do the following: 

  • Describe the product/solution architecture 
  • Distinguish between deployment options
  • Identify the supported platform, environment, or operating systems
  • Describe why Threat Hunting is required
  • Leverage the Alerting dashboard to view the raw events from managed devices
  • Recall the Device Search investigation capabilities
  • Use historical data to assist with analyzing how a threat occurred in the system & what triggered it
  • Take action on search results to execute reaction code onto managed endpoints
  • Describe what Incident Response (IR) is & why it is important

Content Outline

  • Welcome
  • What is EDR?
  • Architecture
  • Setup & Deployment
  • Monitoring
  • Alerting
  • Device Search
  • Historical Search
  • Real-time Search
  • Investigating
  • Catalog
  • Action History
  • Performance Metrics
  • Troubleshooting
  • Use Cases
  • Incident Response
  • Threat Hunting

FAQs

Endpoint Detection & Response (EDR), also referred to as endpoint detection & threat response (EDTR), is an endpoint security solution that continuously monitors end user devices to detect & respond to cyber threats like ransomware & malware.

Radiant believes in a practical & creative approach to training & development, which distinguishes it from other training & developmental platforms. Moreover, training is undertaken by experts with a range of experience in their domain.

Radiant's team of experts will be available by e-mail at support@radianttechlearning.com to answer your technical queries even after the training program.

Yes, Radiant will provide you with the most up-to-date, high-value, relevant real-time projects & case studies in each training program.

Technical issues are unpredictable & might occur with us as well. Professionals have to ensure they have access to the required configuration with good internet speed.

Radiant Techlearning offers training programs on weekdays, weekends & a combination of weekdays & weekends. We provide you with complete liberty to choose the schedule that suits your needs.
