Detailed Course Outline
XDR Concepts
- Collecting telemetry
- Data correlation
- MITRE ATT&CK
Trend Micro Vision One
- How Trend Micro Vision One fits into the Trend Micro One platform
- Trend Micro Vision One core capabilities
- Trend Micro Vision One features for XDR
- Trend Micro Vision One apps
Connecting Trend Micro Products
- Collecting security events
- Connecting Trend Micro Apex One™ as a Service
- Connecting Deep Security™ Software
- Connecting Trend Micro Cloud One™ – Endpoint & Workload Security
- Connecting Cloud App Security
- Connecting the Service Gateway
- Connecting Web Security™
- Connecting Deep Discovery™ Inspector
- Connecting TippingPoint™ SMS
Enabling XDR Sensors
- Installing Endpoint Basecamp
- Creating Endpoint Groups and Security Policies
- Enabling endpoint sensors
- Enabling email sensors
- Enabling network sensors
- Enabling web sensors
Integrating with Third-Party Products
- Integration purposes
Using the XDR Apps
- XDR apps
- Viewing raw security event and activity data
- Filtering security event and activity data
- Workbenches
- Workbench actions
- Execution profiles
- Network analytics
- Automating responses
- Targeted attack detection
- Response management
- Managed XDR service
Sharing Threat Intelligence
- Curated and custom intelligence reports
- Suspicious object management
- Sandbox analysis
Searching the Data Lake
- Simple and complex search syntax
- Search tips
- Watchlists
Responding to Incidents Using Security Playbooks
- Playbook templates
- Playbook triggers
- Playbook conditions
- Playbook actions