The Trellix Endpoint Detection and Response Administration course from Education Services prepares SOC Analysts to understand, communicate, and use the features provided by Endpoint Detection and Response (EDR). Trellix EDR helps to manage the high volume of alerts, empowering analysts of all skill levels to do more and investigate more effectively. Through hands-on lab exercises, you will learn how to detect advanced device threats, fully investigate, and quickly respond.
Contact Us
We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.
Duration
2 Days
2 Days
Delivery
(Online and onsite)
(Online and onsite)
Price
Price Upon Request
Price Upon Request
- Install EDR in an on-premises ePolicy Orchestrator (ePO) environment
- Navigate effectively through the product dashboard, walk through guided investigations, and create custom collectors and reactions
- Leverage EDR features to detect advanced device threats, fully investigate them, and quickly respond
- Use alert ranking and data visualization to quickly understand threats and prioritize action
Day 1
- Welcome
- What is EDR?
- Architecture
- Setup and Deployment
- Monitoring
- Alerting
- Device Search
- Historical Search
Day 2
- Real-time Search
- Investigating
- Catalog
- Action History
- Performance Metrics
- Troubleshooting
- Use Cases
This course is intended for customers acting as analysts and/or engineers, responsible for configuration, management, and monitoring activity on their systems, networks, databases, and applications using the EDR solution.
Students taking this course should have a solid knowledge of networking and system administration concepts, computer security concepts, network security concepts and practices, as well as a working knowledge of malware analysis, forensics, tactics, and techniques. Students should also have a general understanding of networking and application software.
The Trellix Endpoint Detection and Response Administration course from Education Services prepares SOC Analysts to understand, communicate, and use the features provided by Endpoint Detection and Response (EDR). Trellix EDR helps to manage the high volume of alerts, empowering analysts of all skill levels to do more and investigate more effectively. Through hands-on lab exercises, you will learn how to detect advanced device threats, fully investigate, and quickly respond.
- Install EDR in an on-premises ePolicy Orchestrator (ePO) environment
- Navigate effectively through the product dashboard, walk through guided investigations, and create custom collectors and reactions
- Leverage EDR features to detect advanced device threats, fully investigate them, and quickly respond
- Use alert ranking and data visualization to quickly understand threats and prioritize action
Day 1
- Welcome
- What is EDR?
- Architecture
- Setup and Deployment
- Monitoring
- Alerting
- Device Search
- Historical Search
Day 2
- Real-time Search
- Investigating
- Catalog
- Action History
- Performance Metrics
- Troubleshooting
- Use Cases
This course is intended for customers acting as analysts and/or engineers, responsible for configuration, management, and monitoring activity on their systems, networks, databases, and applications using the EDR solution.
Students taking this course should have a solid knowledge of networking and system administration concepts, computer security concepts, network security concepts and practices, as well as a working knowledge of malware analysis, forensics, tactics, and techniques. Students should also have a general understanding of networking and application software.