This lab is the key to managing your organization’s risk score is the ability to quickly detect
advancing threats, and then prioritize response efforts. InsightIDR helps you identify attack
behaviors in the environment through the combined view of log search, endpoint detection,
network telemetry, and threat intelligence.
Cybersecurity professionals accessing this hands-on lab will demonstrate the skills and
knowledge necessary to:
- Collect log data from valuable data sources
- Search log data using a variety of log query languages
- Deploy deception technologies
- Employ endpoint detection on Insight Agents
- Optimize alert framework to reduce alert fatigue and false positives for your organization
- Contextualize attack alerts by correlating threat intelligence feeds
- Enable the Security Operations Center (SOC) by building a custom analytics framework
- Build efficiencies in to incident response workflows through automation and orchestration
Course modules:
- Login into Insight IDR Saas platform
- Navagating UI
- Deploy an InsightIDR Collector – Windows Server
- Deploy an InsightIDR Collector – Linux Server
- Add an LDAP Event Source
- Add an Active Directory Event Source
- Add a DHCP Event Source
- Add a DNS Event Source
- Install an Insight Agent
- Configure Settings Introduction
- Configure Credential Settings
- Configure Asset Settings
- Configure User Management Settings
- Configure File Integrity Monitoring Settings
- Configure Honey Files and Users Settings
- Configure Export Data Settings
- Configure Read-Only Domain Controllers Settings
- Configure IP Ranges Settings
- Configure Network Zones and Policies Settings
- Configure Tagged Domains Settings
- Configure Unknown IP Addresses Settings
- Configure Monthly Data Usage Settings
- Configure Automatic Log Structuring Settings
- Configure S3 Archiving Settings
- Deploy an Insight Network Sensor – Virtual Machine
- View Insight Network Sensor Rules and Detections
- View ENTA Network Flow Data Detections
Reviews
There are no reviews yet.