Course Highlights
Hands-on Training
Certified & Experienced Trainers
Request for Flexible Timings
Certificate of Completion

Course Description
This primer on FireEye Helix covers the Helix workflow: triaging Helix alerts, creating and scoping cases, and using Helix and Endpoint Security tools to conduct investigative searches across the enterprise. Hands-on activities include writing MQL searches as well as analyzing and validating Helix, Network Security and Endpoint Security alerts.
Target Audience
Incident response team members, threat hunters and information security professionals
Course Pre-Requisite
Completion of three FireEye web-based training courses prior to the instructor-led portion of the course: Network Security for Helix, Central Management for Helix, Endpoint Security for Helix. Details on these courses will be provided to registrants of the FireEye Helix instructor-led training course.
Students should have a working understanding of networking and network security, the Windows operating system, file system, registry, and use of the CLI.
Course Outline
After completing this course, learners should be able to:
• Identify the components needed to deploy Helix
• Determine which data sources are most useful for Helix detection and investigation
• Search log events across the enterprise
• Locate and use critical information in a Helix alert to assess a potential threat
• Pivot between the Helix web console and FireEye Network and Endpoint Security platforms
• Validate Network Security and Endpoint Security alerts
• Use specialized features of Network Security and Endpoint Security to investigate and respond to potential threats across enterprise systems and endpoints
• Actively hunt for unknown attackers