This course is a primer on XDR, covering XDR features, benefits, deployment options, basic administration, and core functionality. Learners will discover the unique strengths of XDR, and understand how XDR enables real-time situational awareness of known and unknown threats.
Hands-on activities include searching log events, triaging XDR alerts and investigating security incidents using XDR.
Day 1
Helix Fundamentals
Data Sources
Search and Trellix Query Language (TQL)
Custom Dashboards, Reports, and Lists
Day 2
Threat Trends, Data Source Selection, and MITRE ATT&CK
Rules
Initial Alerts
Helix Case Management
Network security professionals, incident responders and Trellix administrators and analysts who use XDR to analyze data in noisy event streams.
A working understanding of networking and network security, the Windows operating system, file system, registry, and use of the command line interface (CLI).