PART 1: Incident Response - Examine the Enemy
This lab is Part 1 of a 2-part lab series that focuses on the entire incident response lifecycle. This lab starts with hunting and examining evidence in an environment to find the enemy within. You will leave understanding Tanium capabilities to help identify and scope an incident. Pre-Req(s): Basic understanding of Tanium and Modules Note: PART 1: Incident Response - Examine the Enemy and PART 2: Incident Response - Expel the Enemy are scheduled to be taken on the same day. During registration once you select PART 1: Incident Response - Examine the Enemy you will automatically be registered for PART 2: Incident Response - Expel the Enemy.
Location Name
Palm Park A - 7th Floor
Additional details:
Session Tag
Investigation & Remediation
Session Type (Grey Bubble)
In-Person, Lab
Modules
Asset, Comply, Impact, Interact, Performance, Threat Response, Reporting, SBOM
Difficulty
Intermediate/Advanced
Focus
Tanium Platform, Risk & Security, Microsoft & ServiceNow Integrations
Industry
Construction, Education, Entertainment, Financial Services, Government - Federal, Government - Local, Healthcare & Life Sciences, Holding Companies & Conglomerates, Insurance, Law Firms & Legal Services, Media & Internet, Media & Telecommunications, Non-Profit & Charitable Organizations, Professional & Business Services, Real Estate, Retail & Hospitality, Software & Technology, Other, Agriculture, Mining & Raw Materials, Energy, Utilities & Waste, Facilities, Lodging & Resorts, Clinics, Manufacturing, Construction & Wholesale, Trade, Transportation Service, Hospitals & Physicians