Open Source/RSA NetWitness Platform Foundations 11.3

RSA NetWitness Platform Foundations 11.3 Certification Training Course Overview

This study hall based course gives a review of basic regulatory undertakings that are acted so as to get the RSA NetWitness Platform fully operational. Understudies gain understanding into designing hosts and benefits and overseeing clients inside RSA NetWitness Platform and addition functional experience by playing out a progression of hands-on labs.

Audience :

  • Anybody keen on the best way to manage the RSA NetWitness Platform. 

RSA NetWitness Platform Foundations 11.3 (24 Hours) Download Course Contents

Live Virtual Classroom 5200
Group Training Date On Request
1-on-1 Training (GTR)
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

GTR=Guaranteed to Run
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Special Solutions for Corporate Clients! Click here
Hire Our Trainers! Click here

Course Modules

Module 1: RSA NetWitness Platform Overview
  • RSA NetWitness Platform components and architecture
  • RSA NetWitness Data
  • RSA NetWitness Interface
Module 2: Investigation Basics
  • What is metadata?
  • Differentiating between packets and logs
  • Differentiating between data and metadata
  • Customizing the investigation screens
  • Viewing reconstructed events
  • Writing simple and complex queries
  • Describing the purpose of meta key indexing
  • Customizing data and meta data displays
  • Creating data visualizations
  • Creating meta groups
  • Creating custom column groups
  • Using complex queries, drills and views to perform investigations
  • The Context Hub
Module 3: Refining the Dataset
  • Filtering data with rules
  • Taxonomy concepts for metadata
  • Using Application rules to create new meta
  • Using Correlation rules to create new meta
  • Deploying content from RSA Live to create new meta
  • Describing how parsers populate meta keys
  • Creating feeds
  • Using alerts and metadata to investigate potential threats
Module 4: Reporting and Alerting
  • Configuring the Reporting Engine and RESPOND
  • Creating reports
  • Creating alerts to identify future threats
Module 5: Event Stream Analysis
  • Configuring ESA
  • Creating ESA alerts
  • Best practices and approaches
Module 6: Incident Management and Respond
  • Components of the RESPOND module
  • Viewing alerts and incidents
  • Incident Rules
Module 7: Endpoint Insights Agent
  • Insight configurations
  • Endpoint investigation
  • Hots/Files
Module 8: UEBA Concepts
  • How UEBA works
  • Analyzing logon activity
Download Course Contents

Request More Information

Course Prerequisites
  • RSA NetWitness Platform Foundations

After completion of this course, you will learn how to : 

  • Describe the RSA NetWitness Platform Architecture
  • Configure RSA NetWitness has
  • Configure RSA NetWitness framework settings
  • Describe the RSA NetWitness authorizing model
  • Configure Event Stream Analysis
  • Configure the Archiver
  • Configure RSA Live
  • Configure the Context Hub
  • Configure the Reporting Engine
  • Manage NetWitness benefits on the direction line
  • Gather information for RSA Customer Support utilizing a content
  • Configure the NetWitness Endpoint Log Hybrid
  • Generate and send the NetWitness Endpoint Agents
  • Configure NetWitness Endpoint specialists
  • Describe the RSA NetWitness trust model
  • Create and oversee NetWitness clients
  • Describe/investigate NetWitness clients
  • Configure outside confirmation utilizing Active Directory
  • Configure outside confirmation utilizing SecurID
  • Configure information protection



Yes, fee excludes local taxes.