2019 Training
Who should attend:
Network security professionals, incident responders and FireEye administrators and analysts who must work with alerts generated by FireEye Network Security and Email Security products.
Course prerequisites:
Completion of at least one instructor-led or web-based FireEye deployment training course or experience administering FireEye appliances. A working understanding of networking and network security, the Windows operating system, file system, registry and use of the CLI.
What students should bring:
All students must bring a laptop equipped with one of the following browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10 or greater). Wireshark is recommended.
Who should attend:
Managers of technical information security teams and analytic and technical professionals familiar with threat intelligence.
Course prerequisites:
Working understanding of basic information security principles and general understanding of threat intelligence.
What students should bring:
It is recommended that students bring a laptop with a version of Microsoft Windows 7 or newer installed, Administrator access, a minimum of 25GB free space, wireless capabilities, and Microsoft Office or Open Office installed.
Who should attend:
Network security professionals and incident responders who will be using FireEye products to assist with their network and endpoint hunting responsibilities.
Course prerequisites:
Completion of the FireEye Endpoint Security (HX) Deployment and FireEye Network Forensics (PX) courses - access will be provided to these web-based training courses prior to attending the Cyber Threat Hunting course. A working understanding of networking and network security, the Windows operating system, file system, registry and regular expressions, and experience scripting in Python.
What students should bring:
All students must bring a laptop equipped with one of the following browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10 or greater). Wireshark is recommended.
Who should attend:
Information technology staff, information security staff, corporate investigators and others who need to understand how malware functions operate and the processes involved in malware analysis.
Course prerequisites:
General knowledge of computer and operating system fundamentals. Exposure to computer programming fundamentals and Windows Internals experience (recommended).
What students should bring:
Students must bring their own laptop computer with VMware Workstation 12.5+ or VMWare Fusion 7+ installed. Laptops should have at least 30GB of free space. Students must also be able to install software provided on a USB device.
Who should attend:
Network security professionals, incident responders and FireEye administrators and analysts who must work with Helix Threat Analytics to analyze data in noisy event streams.
Course prerequisites:
A working understanding of networking and network security, the Windows operating system, file system, registry and use of the command line interface (CLI).
What students should bring:
All students must bring a laptop equipped with one of the following browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10 or greater). Wireshark is recommended.
Who should attend:
Network security professionals and incident responders who must use FireEye Endpoint Security to investigate, identify and stop cyber threats.
Course prerequisites:
Completion of the Endpoint Security Deployment course -- access will be provided to this web-based training course prior to attending the Investigations with Endpoint Security course. A working understanding of networking and network security, the Windows operating system, file system, registry and regular expressions, and experience scripting in Python.
What students should bring:
All students must bring a laptop equipped with one of the following browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10 or greater). Wireshark and Redline are recommended.
Who should attend:
Information technology and security staff, corporate investigators and other staff members who need to understand networks, network traffic, network traffic analysis and network intrusion investigations.
Course prerequisites:
A basic understanding of TCP/IP and Windows and UNIX platforms. Familiarity with security terminology and a working knowledge of Wireshark is also recommended.
What students should bring:
Students will need to bring a laptop computer with Windows 7 or newer operating system installed, Core i5 or equivalent processor, 6 GB (preferably 8 GB) of RAM and 25 GB or more of free HDD space, wireless capabilities, Microsoft Office or Open Office installed, and must be able to boot from a USB device. Virtual machines are acceptable provided at least 4 GB of RAM can be allocated.
Who should attend:
This is a fast-paced technical course that is designed to provide hands-on experience with investigating targeted attacks and the analysis steps required to triage compromised systems. The content and pace are intended for students with some background in conducting forensic analysis, network traffic analysis, log analysis, security assessments, and penetration testing, or even security architecture and system administration duties. It is also well suited for those managing CIRT / incident response teams or in roles that require oversight of forensic analysis and other investigative tasks.
Course prerequisites:
A working understanding of the Windows operating system, file system, registry, and use of the command-line. Familiarity with Active Directory, basic Windows security controls, and common network protocols.
What students should bring:
Students must bring their own laptop or virtual machine with a version of Microsoft Windows 7 or newer installed, Administrator access, a minimum of 25GB free space, wireless capabilities, Microsoft Office or Open Office installed, and must be able to install software provided on a USB device.