This lab shows you how to pivot from alerts to threat hunting with OpenText Network Detection and Response (NDR). Convert alerts into targeted investigations, uncover hidden security threats, and enhance your security knowledge in this interactive session.
In today's increasingly complex cybersecurity landscape, Security Operations Center (SOC) analysts need efficient and effective methods for identifying, analyzing, and responding to threats.
This hands-on lab will guide you through a step-by-step process to investigate and assess the full scope of detected threats using Network Detection and Response (NDR) tools.
Throughout the lab, you will assume the role of a SOC analyst tasked with investigating alerts. You will learn how to:
- Analyze Severity 1 alerts and their metadata to pinpoint and understand the nature of potential threats.
- Organize and filter alerts by category and alert message to quickly identify patterns and specific indicators of compromise (IOCs).
- Use recorded network metadata to evaluate the scope of an attack and initiate a threat hunt based on source IP addresses and services.
- Determine the most appropriate response to potential threats, including identifying vulnerable applications and preventing exploitation.
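The alert-to-hunt pivot described in the steps above, as an added example that is not part of the lab or of OpenText NDR's own tooling: the alert records, the network metadata flows and the IP addresses are constructed sample data, and the three steps (keep Severity 1, group by category and message, pivot into metadata by source IP and service) are written as plain functions so the logic is visible.

```python
from collections import defaultdict

# Constructed sample alerts (not OpenText NDR output); fields mirror what the lab
# has you inspect: severity, category, alert message, source IP and service.
ALERTS = [
    {"severity": 1, "category": "Exploit", "message": "Web shell upload attempt", "src": "203.0.113.7", "service": "http"},
    {"severity": 1, "category": "Exploit", "message": "Web shell upload attempt", "src": "203.0.113.7", "service": "http"},
    {"severity": 3, "category": "Policy", "message": "Cleartext credentials", "src": "10.0.0.12", "service": "ftp"},
    {"severity": 1, "category": "Scan", "message": "SMB enumeration", "src": "198.51.100.9", "service": "smb"},
]

# Constructed network metadata: every (src, dst, service) flow the sensor recorded,
# including connections that raised no alert at all (10.0.1.8 below is one such host).
FLOWS = [
    ("203.0.113.7", "10.0.1.5", "http"),
    ("203.0.113.7", "10.0.1.8", "http"),
    ("203.0.113.7", "10.0.1.9", "ssh"),
    ("198.51.100.9", "10.0.2.20", "smb"),
    ("10.0.0.12", "10.0.3.1", "ftp"),
]

def severity1(alerts):
    """Step 1: keep only Severity 1 alerts."""
    return [a for a in alerts if a["severity"] == 1]

def group_alerts(alerts):
    """Step 2: group by (category, message) so repeated indicators stand out."""
    groups = defaultdict(list)
    for a in alerts:
        groups[(a["category"], a["message"])].append(a)
    return dict(groups)

def scope(flows, src_ip, service):
    """Step 3: pivot into metadata by source IP and service; returns every internal host that source reached."""
    return sorted({dst for s, dst, svc in flows if s == src_ip and svc == service})

def hunt(alerts, flows):
    """Run the whole pivot: each alert group -> count and the hosts its sources reached."""
    result = {}
    for key, group in group_alerts(severity1(alerts)).items():
        targets = set()
        for a in group:
            targets.update(scope(flows, a["src"], a["service"]))
        result[key] = {"count": len(group), "targets": sorted(targets)}
    return result

if __name__ == "__main__":
    for key, info in hunt(ALERTS, FLOWS).items():
        print(key, info)
```

The point of the metadata pivot is the second host under the Exploit group: it appears only in the recorded flows, never in an alert, so the hunt widens the scope beyond what the alerts alone show.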
By the end of the lab, you will have gained valuable insights into a streamlined process for identifying, pivoting, and filtering through data to hunt for threats across your environment. This hands-on experience will save your security analysts significant time and enable them to respond effectively to potential threats.
If you are interested in enhancing your skills and improving your organization's threat detection and response capabilities, join us in this engaging and practical lab session.
- Firefox, Chrome, or Edge browser (or Safari on a Mac)