Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction and Course Orientation
- Course objectives, expected outcomes, and setup of the laboratory environment.
- Overview of EDR concepts and the OpenEDR platform architecture.
- Understanding endpoint telemetry and data sources.
OpenEDR Deployment
- Installing OpenEDR agents on Windows and Linux endpoints.
- Setting up the OpenEDR server and associated dashboards.
- Configuring basic telemetry and logging settings.
Basic Detection and Alerting
- Understanding event types and their significance.
- Configuring detection rules and thresholds.
- Monitoring alerts and notifications.
Event Analysis and Investigation
- Analyzing events for suspicious patterns.
- Mapping endpoint behaviors to common attack techniques.
- Utilizing OpenEDR dashboards and search tools for investigations.
Response and Mitigation
- Responding to alerts and suspicious activity.
- Isolating endpoints and mitigating threats.
- Documenting actions and integrating them into incident response processes.
Integration and Reporting
- Integrating OpenEDR with SIEM or other security tools.
- Generating reports for management and stakeholders.
- Best practices for continuous monitoring and alert tuning.
Capstone Laboratory and Practical Exercises
- Hands-on laboratory simulation of real-world endpoint threats.
- Applying detection, analysis, and response workflows.
- Review and discussion of laboratory results and lessons learned.
Summary and Next Steps
Requirements
- A solid understanding of foundational cybersecurity concepts.
- Practical experience with Windows and/or Linux administration.
- Familiarity with endpoint protection or monitoring solutions.
Target Audience
- IT and security professionals beginning their journey with endpoint detection tools.
- Cybersecurity engineers.
- Security staff within small to mid-sized businesses.
14 Hours
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
It did give me the insight what I needed :) I am starting teaching on a BTEC Level 3 qualification and wanted to widen my knowledge in this area.