Home Training NetWitness Content Development Training

Courses

 

NetWitness Analyst - Level II – Content Development

This two-day course will focus NetWitness content development.  Analyst will learn how-to develop application rules for detection, configure feed parsers to model environments and identify known malicious systems, and tie it all together through reporting and alerting using Informer.

Prerequisites – NetWitness Basic Investigator Training

Course Outline 

  • Introductions
  • Technology Overview
  • Product Overview
  • Content Development
    • Environment Modeling
      • GeoIP Override configuration
      • Feed Parser configuration
  • Detection
    • Feed Parser as a Threat Feed
    • Basic Application Filtering
    • Basic Application Rule Creation
    • Advanced Application Rules
  • Reporting and Alerting
    • Informer Content Creation
      • Rules
      • Reports
      • Alerts
      • Charts/Dashboards
    • Content Development Best Practices
    • Creating NetWitness Content Packages
  • Use Case Discussion
  • NetWitness 3rd Party Integration
  • Hands-on Exercises

Contact us for more informationabout NetWitness Training