Course Information
Registration period
Year-round Recruitment
Course Level
Study Mode
Duration
3 Hour(s) 45 Minute(s)
Language
English
Taught by
Hailie Shaw
Rating
Course Overview
Disclaimer: This course offered independently by Blue Team Consulting, LLC and is not affiliated with CrowdStrike, Inc.
Module 1: Console Overview Get acquainted with the CrowdStrike console, your command center for proactive threat detection and incident response. Explore its interface, functionalities, and navigation to ensure a solid foundation for the rest of the course.
Module 2: Where to Spend Your Time Learn to prioritize effectively in a dynamic threat landscape. Understand the critical areas of focus within the CrowdStrike console to optimize your time and as it pertains to SOC work.
Module 3: Triaging a Detection Master the art of rapid detection triage. Develop skills to assess the severity of a detection, determine its scope, and decide on appropriate immediate actions.
Module 4: Useful Open Source Tools to Use Discover a curated toolkit of open-source resources that complement the CrowdStrike platform. Explore how to leverage these tools to enhance your threat intelligence and investigative capabilities.
Module 5: Event Search / CQL Delve into advanced event search techniques and learn how to craft powerful queries in CQL. Learn how to conduct host analysis and leveraging endpoint logs to your advantage.
Module 6: Real-Time Response Features Equip yourself with CrowdStrike's real-time response arsenal. Dive into containment strategies, remote actions, scripting, and other instant response capabilities.
Module 7: Sandbox & Blocking Actions Explore the CrowdStrike sandbox environment and understand its role in threat analysis. Learn to implement blocking actions effectively to halt threats in their tracks.
Module 8: Whitelisting / Exclusions Navigate the nuances of whitelisting and exclusions. Gain insights into striking the right balance between security and operational efficiency.
Module 9: Putting It All Together Immerse yourself in realistic scenarios where you'll apply your newfound knowledge. Walk through end-to-end incident response processes, from detection to resolution.
Module 10: Where to Go Next Chart your future course in the realm of cybersecurity. Discover avenues for continued learning, specialization, and skill refinement to stay ahead in the ever-evolving threat landscape.
Course Content
- 1 section(s)
- 18 lecture(s)
- Section 1 CrowdStrike: for SOC Analysts
What You’ll Learn
- Create Custom Rules and Policies
- Understand CrowdStrike Fundamentals
- Analyze Endpoint Data
- Detect and Investigate Threats
- Console Navigation and Features
- Real Time Response Actions and Scripts
- Threat Hunt in CrowdStrike
Skills covered in this course
Reviews
-
DDevarapallivinay Kumar
ok want deep explanation on live practice and all
-
RRiyan S
you should make a demo that there's an alert of domain and it blocked by the cs
-
HHope Barwig
It was good for an introduction and exposure to features of the tool and interface.
-
RRob Austin
Materials are heavily outdated due to Crowdstrike no longer using Splunk for their search functionality within the tool. Other content was fine, but many of the search and correlation modules are irrelevant due to Splunk being replaced with Logscale.
