Cisco Training Courses

Cisco Training Courses

Insoft has been serving IT industry with authorized Cisco courses training, since 2010. Find all the relevant information on Cisco training on this page.

View More

Cisco Certifications

Experience a blended learning approach that combines the best of instructor-led training and self-paced e-learning to help you prepare for your certification exam.

View More

Cisco Learning Credits

Cisco Learning Credits (CLCs) are prepaid training vouchers redeemed directly with Cisco that make planning for your success easier when purchasing Cisco products and services.

Have CLCs and want to redeem them?

Cisco Continuing Education

The Cisco Continuing Education Program offers all active certification holders flexible options to recertify by completing a variety of eligible training items.

View More

Cisco U

Cisco U. is customized to achieve your learning needs as this provides learning paths that includes wide range of topics, including CCNA, Cloud and Network Automation Essentials.

Browse Catalogue

Cisco Business Enablement

The Cisco Business Enablement Partner Program focuses on sharpening the business skills of Cisco Channel Partners and customers.

View More

Fortinet Technical Certifications

Insoft Services´ training capabilities rely on the excellence of our exclusive Fortinet Certified Trainers (FCT). We are dedicated to providing high-quality training to Fortinet Customers and Partners.

View More

Fortinet Technical Courses

Insoft is recognised as Fortinet Authorized Training Center in selected locations across EMEA.

View More

ATC Status

Check our ATC Status across selected countries in Europe.

View More

Fortinet Services Packages

Insoft Services has developed a specific solution to streamline and simplify the process of installing or migrating to Fortinet Products.

Browse Packages

Prepforce Bootcamp

The only comprehensive source available today to prepare for Fortinet NSE 8 certification globally.

View More

Microsoft Training

Insoft Services provides Microsoft training in EMEAR. We provide Microsoft technical training and certification courses that are led by world-class instructors.

View More

Technical Training

The evolution of Extreme Networks Technical Training provides a comprehensive progressive pathway from Associate to Professional accreditation.

View More

ATP Accreditation

As an authorised training partner (ATP), Insoft Services ensures that you receive the highest standards of education available.

View More

What we do

Through our global presence and partner ecosystem, we provide strategic IT consulting services to align IT services with customers' business goals.

View More

 

We are pleased to launch pre-scoped Enterprise Networking Consulting Packages, our ready-made solutions, tailored to ensure efficiency and cost containment.

 

View More

 

We specialize in the deployment of vendor-specific automation tools as well as open-source and vendor-independent solutions, that can be tuned in accordance with the business needs of a specific organization.

 

View More

 

We provide comprehensive IoT consultancy, deployment and support solutions for businesses that want to launch or improve their use of connected technologies.

 

In a world where technologies are evolving rapidly, every company - business needs a partner to rely on and trust for the smooth and secure operation of its network infrastructure.

View More

 

In a world where technologies are evolving rapidly, every company - business needs a partner to rely on and trust for the smooth and secure operation of its network infrastructure.

View More

 

In a world where technologies are evolving rapidly, every company - business needs a partner to rely on and trust for the smooth and secure operation of its network infrastructure.

 

View More

 

In a world where technologies are evolving rapidly, every company - business needs a partner to rely on and trust for the smooth and secure operation of its network infrastructure.

 

View More
Cisco Training Courses

 

We provide the highest level of expertise on Cisco consultancy services, that target audits of your current network and implementing updates for improved operational performance, secure data and compliant systems.

View More

 

We provide the highest level of expertise on Fortinet consultancy services that target audits of your current network and implementing updates for improved operational performance, secure data and compliant systems.

View More

 

Our team can help enterprises, get the most value from Extreme products and services following our predefined value-added packages or custom ones that fits business needs.

 

View More

 

TXOne Networks provides cybersecurity solutions that ensure the reliability and safety of ICS and OT environments through the OT zero trust methodology protecting assets for their entire life cycle.

 

View More

About Us

Our training portfolio includes a wide range of IT training from IP providers, including Cisco, Extreme Networks, Fortinet, Microsoft, to name a few, in EMEA.

View More

Investigations with Helix, Network and Endpoint Bundle (Helix, HX, NX)

Contact Us

We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

Data Protection & Privacy

I consent to receive emails and/or calls from Insoft Services related to the Insoft Services´ products and services.
I acknowledge that my data will be collected and processed as described in the Insoft Services privacy policy.

Close

Investigations with Helix, Network and Endpoint Bundle (Helix, HX, NX)

Enroll Now
Investigations with Helix, Network and Endpoint Bundle (Helix, HX, NX)
Duration
4 Days
Delivery
(Online and onsite)
Price
Price Upon Request

This course covers the XDR workflow, including configuring data sources through extended detection via Trellix Helix, Trellix Network Security, and Trellix Endpoint Security (HX). Learners triage Trellix-generated alerts, derive actionable information from those alerts, and inspect affected endpoints using live analysis and investigation fundamentals.

Hands-on activities include writing TQL searches, creating rules, analyzing and validating alerts from Helix, Network Security, and Endpoint Security (HX), deep analysis of endpoint data collections, and response actions through Endpoint Security (HX) such as collecting data from across the enterprise and containing endpoints.

  • Identify the components needed to deploy Trellix Helix, Network Security, and Endpoint Security (HX)
  • Determine which data sources are most useful for Helix detection and investigation
  • Locate and use critical information in a Helix alert to assess a potential threat
  • Comfortably pivot from the Helix web console to native Trellix tools for deep analysis
  • Validate Network Security and Endpoint Security (HX) alerts
  • Use specialized features of Network Security and Endpoint Security (HX) to investigate and respond to potential threats across enterprise systems and endpoints

Day 1

Helix Fundamentals

  • Helix Overview
  • Features and Capabilities
  • Searching and Pivoting
  • 3rd Party Data Sources
  • Custom Dashboards

Data Sources

  • Cloud Data Sources
  • On-premises Data Sources
  • Data Access

Custom Dashboards, Reports, and Lists

  • Custom Dashboards
  • Reports
  • Lists

Search and Trellix Query

  • Language (TQL)
  • Searchable Fields
  • Anatomy of an MQL Search
  • MQL Search, Directive, and Transform Clauses

Day 2

Rules

  • Creating and Enabling Rules
  • Using Regular Expressions in Rules
  • Helix Analytics
  • Multi-stage Rules

Initial Alerts

  • Helix Alerts
  • Guided Investigations
  • Endpoint Security (HX) Alerts
  • Network Security Alerts

Helix Case Management

  • Creating a Case in Helix
  • Adding Events to a Case
  • Case Workflow

Day 3

Data Sources, Trends, and the Attack Lifecycle

  • Threat Landscape
  • Attack Motivations
  • MITRE ATT&CK Framework
  • Emerging Threat Actors

Using Audit Viewer and Redline®

  • Access Triage and Data Collections for Hosts
  • Navigate a Triage Collection or Acquisition using Audit Viewer
  • Apply Tags and Comments to a Triage Collection to Identify Key Events

Windows Telemetry and Acquisitions

  • Live Forensic Overview
  • Windows Telemetry
    • Memory Artifacts
    • System Information
    • Processes
    • File System
    • Configuration Files
    • Services
    • Scheduled Tasks
    • Logging
  • Acquiring Data

Day 4

Investigation Methodology

  • MITRE ATT&CK Framework
  • Mapping Evidence to Attacker Activity
    • Evidence of Initial Compromise
    • Evidence of Persistence
    • Evidence of Lateral Movement
    • Evidence of Internal Reconnaissance
    • Evidence of Data Exfiltration

Capstone: Capture the Flag (CTF)

Security analysts, incident responders, and threat hunters who use Helix, Network Security and Endpoint Security (HX) to detect, investigate, and prevent cyber threats.

Students taking this course should have a working understanding of networking and network security, the Windows operating system, file system, registry, and use of the command line interface (CLI).

This course covers the XDR workflow, including configuring data sources through extended detection via Trellix Helix, Trellix Network Security, and Trellix Endpoint Security (HX). Learners triage Trellix-generated alerts, derive actionable information from those alerts, and inspect affected endpoints using live analysis and investigation fundamentals. Hands-on activities include writing TQL searches, creating rules, analyzing and validating alerts from Helix, Network Security, and Endpoint Security (HX), deep analysis of endpoint data collections, and response actions through Endpoint Security (HX) such as collecting data from across the enterprise and containing endpoints.
  • Identify the components needed to deploy Trellix Helix, Network Security, and Endpoint Security (HX)
  • Determine which data sources are most useful for Helix detection and investigation
  • Locate and use critical information in a Helix alert to assess a potential threat
  • Comfortably pivot from the Helix web console to native Trellix tools for deep analysis
  • Validate Network Security and Endpoint Security (HX) alerts
  • Use specialized features of Network Security and Endpoint Security (HX) to investigate and respond to potential threats across enterprise systems and endpoints

Day 1

Helix Fundamentals

  • Helix Overview
  • Features and Capabilities
  • Searching and Pivoting
  • 3rd Party Data Sources
  • Custom Dashboards

Data Sources

  • Cloud Data Sources
  • On-premises Data Sources
  • Data Access

Custom Dashboards, Reports, and Lists

  • Custom Dashboards
  • Reports
  • Lists

Search and Trellix Query

  • Language (TQL)
  • Searchable Fields
  • Anatomy of an MQL Search
  • MQL Search, Directive, and Transform Clauses

Day 2

Rules

  • Creating and Enabling Rules
  • Using Regular Expressions in Rules
  • Helix Analytics
  • Multi-stage Rules

Initial Alerts

  • Helix Alerts
  • Guided Investigations
  • Endpoint Security (HX) Alerts
  • Network Security Alerts

Helix Case Management

  • Creating a Case in Helix
  • Adding Events to a Case
  • Case Workflow

Day 3

Data Sources, Trends, and the Attack Lifecycle

  • Threat Landscape
  • Attack Motivations
  • MITRE ATT&CK Framework
  • Emerging Threat Actors

Using Audit Viewer and Redline®

  • Access Triage and Data Collections for Hosts
  • Navigate a Triage Collection or Acquisition using Audit Viewer
  • Apply Tags and Comments to a Triage Collection to Identify Key Events

Windows Telemetry and Acquisitions

  • Live Forensic Overview
  • Windows Telemetry
    • Memory Artifacts
    • System Information
    • Processes
    • File System
    • Configuration Files
    • Services
    • Scheduled Tasks
    • Logging
  • Acquiring Data

Day 4

Investigation Methodology

  • MITRE ATT&CK Framework
  • Mapping Evidence to Attacker Activity
    • Evidence of Initial Compromise
    • Evidence of Persistence
    • Evidence of Lateral Movement
    • Evidence of Internal Reconnaissance
    • Evidence of Data Exfiltration

Capstone: Capture the Flag (CTF)

Security analysts, incident responders, and threat hunters who use Helix, Network Security and Endpoint Security (HX) to detect, investigate, and prevent cyber threats.

Students taking this course should have a working understanding of networking and network security, the Windows operating system, file system, registry, and use of the command line interface (CLI).