Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction & Course Orientation
- Course objectives, expected outcomes, and lab environment setup.
- Overview of EDR concepts and OpenEDR platform architecture.
- Understanding endpoint telemetry and data sources.
OpenEDR Deployment
- Installing OpenEDR agents on Windows and Linux endpoints.
- Setting up the OpenEDR server and dashboards.
- Configuring basic telemetry and logging.
Basic Detection and Alerting
- Understanding event types and their significance.
- Configuring detection rules and thresholds.
- Monitoring alerts and notifications.
Event Analysis & Investigation
- Analyzing events for suspicious patterns.
- Mapping endpoint behaviors to common attack techniques.
- Utilizing OpenEDR dashboards and search tools for investigation.
Response & Mitigation
- Responding to alerts and suspicious activity.
- Isolating endpoints and mitigating threats.
- Documenting actions and integrating into incident response.
Integration & Reporting
- Integrating OpenEDR with SIEM or other security tools.
- Generating reports for management and stakeholders.
- Best practices for continuous monitoring and alert tuning.
Capstone Lab & Practical Exercises
- Hands-on lab simulating real-world endpoint threats.
- Applying detection, analysis, and response workflows.
- Review and discussion of lab results and lessons learned.
Summary and Next Steps
Requirements
- A foundational understanding of cybersecurity principles.
- Practical experience with Windows and/or Linux administration.
- Familiarity with endpoint protection or monitoring solutions.
Target Audience
- IT and security professionals beginning their journey with endpoint detection tools.
- Cybersecurity engineers.
- Security staff in small to mid-sized enterprises.
14 Hours
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
It did give me the insight what I needed :) I am starting teaching on a BTEC Level 3 qualification and wanted to widen my knowledge in this area.