RSA NetWitness Platform Foundations 11.3 Course Overview

This study hall based course gives a review of basic regulatory undertakings that are acted so as to get the RSA NetWitness Platform fully operational. Understudies gain understanding into designing hosts and benefits and overseeing clients inside RSA NetWitness Platform and addition functional experience by playing out a progression of hands-on labs.

Audience :

  • Anybody keen on the best way to manage the RSA NetWitness Platform. 

This is a Rare Course and it can be take up to 3 weeks to arrange the training.

  • 1. Do you have limited Window for training?
  • 2. Can you only spend 4-hours per day?
  • 3. Do you want to start training immediately?
  • If your answer is yes to any one of the above, you need 1-on-1- Training
The 1-on-1 Advantage
Flexible Dates
4-Hour Sessions
  • View video
  • The course will be free if we are not able to start within 7 days of booking.
  • Only applicable for courses on which this logo appears.

Your will learn:

Module 1: RSA NetWitness Platform Overview
  • RSA NetWitness Platform components and architecture
  • RSA NetWitness Data
  • RSA NetWitness Interface
  • What is metadata?
  • Differentiating between packets and logs
  • Differentiating between data and metadata
  • Customizing the investigation screens
  • Viewing reconstructed events
  • Writing simple and complex queries
  • Describing the purpose of meta key indexing
  • Customizing data and meta data displays
  • Creating data visualizations
  • Creating meta groups
  • Creating custom column groups
  • Using complex queries, drills and views to perform investigations
  • The Context Hub
  • Filtering data with rules
  • Taxonomy concepts for metadata
  • Using Application rules to create new meta
  • Using Correlation rules to create new meta
  • Deploying content from RSA Live to create new meta
  • Describing how parsers populate meta keys
  • Creating feeds
  • Using alerts and metadata to investigate potential threats
  • Configuring the Reporting Engine and RESPOND
  • Creating reports
  • Creating alerts to identify future threats
  • Configuring ESA
  • Creating ESA alerts
  • Best practices and approaches
  • Components of the RESPOND module
  • Viewing alerts and incidents
  • Incident Rules
  • Insight configurations
  • Endpoint investigation
  • Hots/Files
  • How UEBA works
  • Analyzing logon activity
Live Online Training (Duration : 24 Hours) Fee On Request
Group Training Date On Request
1-on-1 Training
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Classroom Training is available. Enquire for the fee Click
Ultra-Fast Track

If you can't spare 24 hours. We can offer you an Ultra-Fast Track for 12 hours

Course Prerequisites
  • RSA NetWitness Platform Foundations

After completion of this course, you will learn how to : 

  • Describe the RSA NetWitness Platform Architecture
  • Configure RSA NetWitness has
  • Configure RSA NetWitness framework settings
  • Describe the RSA NetWitness authorizing model
  • Configure Event Stream Analysis
  • Configure the Archiver
  • Configure RSA Live
  • Configure the Context Hub
  • Configure the Reporting Engine
  • Manage NetWitness benefits on the direction line
  • Gather information for RSA Customer Support utilizing a content
  • Configure the NetWitness Endpoint Log Hybrid
  • Generate and send the NetWitness Endpoint Agents
  • Configure NetWitness Endpoint specialists
  • Describe the RSA NetWitness trust model
  • Create and oversee NetWitness clients
  • Describe/investigate NetWitness clients
  • Configure outside confirmation utilizing Active Directory
  • Configure outside confirmation utilizing SecurID
  • Configure information protection


Request More Information

Add Name and Email Address of participant (If different from you)


Yes, fee excludes local taxes.
The Fee includes:
  • Official courseware
Yes, Koenig Solutions is a Open Source Learning Partner