PART 1: Incident Response - Examine the Enemy

This lab is Part 1 of a 2-part lab series that focuses on the entire incident response lifecycle. This lab starts with hunting and examining evidence in an environment to find the enemy within. You will leave understanding Tanium capabilities to help identify and scope an incident.

Pre-Req(s): Basic understanding of Tanium and Modules

Note: PART 1: Incident Response - Examine the Enemy and PART 2: Incident Response - Expel the Enemy are scheduled to be taken on the same day. During registration once you select PART 1: Incident Response - Examine the Enemy you will automatically be registered for PART 2: Incident Response - Expel the Enemy.

Additional details:

Session Tag
Investigation & Remediation
Session Type
Virtual, Self-Service Lab
Asset, Comply, Impact, Interact, Performance, Threat Response, Reporting, SBOM
Security, Operations, Risk
Construction, Education, Entertainment, Financial Services, Government - Federal, Government - Local, Healthcare & Life Sciences, Holding Companies & Conglomerates, Insurance, Law Firms & Legal Services, Media & Internet, Media & Telecommunications, Non-Profit & Charitable Organizations, Professional & Business Services, Real Estate, Retail & Hospitality, Software & Technology, Other, Agriculture, Mining & Raw Materials, Energy, Utilities & Waste, Facilities, Lodging & Resorts, Clinics, Manufacturing, Construction & Wholesale, Trade, Transportation Service, Hospitals & Physicians