This course covers the XDR workflow, including configuring data sources through extended detection via Trellix Helix, Trellix Network Security, and Trellix Endpoint Security (HX). Learners triage Trellix-generated alerts, derive actionable information from those alerts, and inspect affected endpoints using live analysis and investigation fundamentals.Hands-on activities include writing TQL searches, creating rules, analyzing and validating alerts from Helix, Network Security, and Endpoint Security (HX), deep analysis of endpoint data collections, and response actions through Endpoint Security (HX) such as collecting data from across the enterprise and containing endpoints.
Who Should Attend:
Security analysts, incident responders, and threat hunters who use Helix, Network Security and Endpoint Security (HX) to detect, investigate, and prevent cyber threats.
To learn more about this course, or to schedule a private session for your team, contact your Trellix account manager.
*Voucher quantity and cost can vary by region and local currency. Please contact your region team for further details. Default delivery cost is for US using USD$.