Endpoint Detection and Response (EDR)

This course is intended to help customers understand how Qualys EDR is set up and configured to enhance the endpoint security posture by preventing, detecting, and responding to advanced threats. Learners will also understand how to investigate events and incidents and hunt for threats.

This course will teach participants to set up, configure and operate Qualys EDR. By completing this course, you should be able to meet the following objectives:

  • Describe what EDR is and what its main benefits and features are.

  • Understand the requirements for EDR and anti-malware, and how to configure Cloud Agents for EDR.

  • Identify the activities monitored by EDR, as well as the events and incidents they generate.

  • Demonstrate how to use EDR for threat hunting and anti-malware.

  • Define the available methods to respond to events and incidents.

Agenda

  1. Introduction to Qualys EDR

  2. EDR Activation and Setup

  3. Working with Qualys EDR

  4. Investigating Events and Incidents

  5. Hunt for Threats

  6. Anti-Malware

  7. Respond to Prioritized Events

  8. Configure Rule-Based Alerts

  9. Correlate Prevention across Multiple Vectors

Hands-on labs or lab simulations will cover the following topics to complement the coursework:

  1. EDR Activation and Asset Information

  2. Exploring EDR Events

  3. Exploring EDR Incidents

  4. Threat Hunting in EDR

  5. Exploring the Anti-Malware Feature in EDR

  6. Responding to EDR Incidents

  7. Configuring and Responding to Alerts in EDR

  8. Incident Correlation