Analyzing Windows Host Data

The eLearning is priced at $200.00 USD per participant.


Summary

Windows servers and workstations are a common entry point for attackers, so analyzing events from these systems can provide valuable information that supports your overall threat hunting program. In this class, you will learn how to use the Elastic Stack to perform Windows event analysis.
Note: This course is a module of the Security Analytics specialization.

Description

You’ll start by using Beats to collect and centralize host-level events, and then you’ll learn how to analyze these events once they have been shipped to Elasticsearch. After completing this course, you’ll be able to use the Elastic Stack to strengthen your Windows security.

Topics Covered

  • Anatomy of a Windows Event
  • Elastic Beats for Windows
  • Building Dashboards
  • Enriching Windows Event Data

Length

2-3 hours

Audience

Network Security Analysts, Security Practitioners, Information Security Consultants, System Administrators

Language

English

Prerequisites

We recommend you have taken Kibana Data Analysis and Elasticsearch Engineer I or possess equivalent knowledge.

Requirements

  • Stable internet connection
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (Safari is not 100% supported)
  • Due to virtual classroom JavaScript requirements, we recommend that you disable any ad-blockers and restart your browser before class.

Additional Information

Training Specializations

This course is a module of the Security Analytics specialization. Find out how our focused Training Specializations can help you with your use case.

General Training Information

All training materials are provided via the Elastic training portal. Have training questions? Review our FAQ or email us.