Adversaries maneuver in covert ways—camouflaging their actions within the most trusted components already in your environment. They don’t always install something tangible like malware, but they always leave behind a behavioral trail. Endpoint detection and response (EDR) continuously monitors and gathers data to provide the visibility and context needed to detect and respond to threats. But current approaches often dump too much information on already stretched security teams.
MVISION EDR helps to manage the high volume of alerts, empowering analysts of all skill levels to do more and investigate more effectively. This course prepares SOC Analysts to understand, communicate, and use the features provided by Endpoint Detection and Response. Through hands-on lab exercises, you will learn how to detect advanced device threats, fully investigate, and quickly respond.
What is EDR?
Architecture:
Setup and Deployment:
Monitoring:
Alerting:
Device Search:
Historical Search:
Real-time Search:
Investigating:
Catalog:
Action History:
Performance Metrics:
Troubleshooting:
Use Cases:
Day 1
Day 2
This course is intended for customers, acting as Analysts, Engineers, or both, who are responsible for configuring, managing, and monitoring activity on their systems, networks, databases, and applications using the MVISION EDR solution. A working knowledge of networking, system administration, and computer security concepts, along with a general understanding of networking and application software, is recommended.
It is recommended that students have a working knowledge of: