PART 1: Incident Response - Examine the Enemy

This lab is Part 1 of a 2-part lab series that focuses on the entire incident response lifecycle. This lab starts with hunting and examining evidence in an environment to find the enemy within. You will leave understanding Tanium capabilities to help identify and scope an incident.

Pre-Req(s): Basic understanding of Tanium and Modules

Note: PART 1: Incident Response - Examine the Enemy and PART 2: Incident Response - Expel the Enemy are scheduled to be taken on the same day. During registration once you select PART 1: Incident Response - Examine the Enemy you will automatically be registered for PART 2: Incident Response - Expel the Enemy.

Location Name
Verbena - 4th Floor

Additional details:

Investigation & Remediation
Session Type
In-Person, Lab
Asset, Comply, Impact, Interact, Performance, Threat Response, Reporting, SBOM
Tanium Platform, Risk & Security, Microsoft & ServiceNow Integrations
Construction, Education, Entertainment, Financial Services, Government - Federal, Government - Local, Healthcare & Life Sciences, Holding Companies & Conglomerates, Insurance, Law Firms & Legal Services, Media & Internet, Media & Telecommunications, Non-Profit & Charitable Organizations, Professional & Business Services, Real Estate, Retail & Hospitality, Software & Technology, Other, Agriculture, Mining & Raw Materials, Energy, Utilities & Waste, Facilities, Lodging & Resorts, Clinics, Manufacturing, Construction & Wholesale, Trade, Transportation Service, Hospitals & Physicians