Investigating and Hunting Threats in Falcon Next-Gen SIEM
Learn the best use of CrowdStrike Falcon® Next-Gen SIEM for incident threat hunting. In this course you will learn how to query and leverage third-party data, analyze historical data and correlate events. You will learn how to establish a proactive approach to security monitoring by continuously analyzing SIEM data for potential threats, vulnerabilities, or indicators of compromise.
Learn how to:
- Apply threat hunting techniques in Next-Gen SIEM
- Search for threats and vulnerabilities with CrowdStrike Query Language (CQL)
- Query first-party and third-party data from one place
- Manage correlation rules
- Correlate and analyze events
- Design and implement custom dashboards to effectively and proactively monitor real-time events and threats
- Enhance efficiency and response times
