Detect and Respond Endpoint

Builds on foundational security tools to mitigate sophisticated cyber-attacks.

About this course

Detect and Respond Endpoint builds on foundational security tools to rapidly identify and halt the most sophisticated cyber-attacks, minimizing harm and reducing risk to client endpoints. This course describes how you can leverage forensics and intelligent automation to identify advanced malware and attacks using market-leading endpoint detect and respond technology from SentinelOne, backed by a $1M ransomware guarantee.

Objectives:

  • Explains how the SOC can identify, analyze, mitigate, and remediate active threats through blocking and rollback procedures.
  • Shows the SentinelOne multi-tenant console.
  • Defines the threat classifications and various sections viewable on the dashboard.
  • Describes how to initiate setup, install the agent, and access the multi-tenant console.

Completion of this course is required to evaluate Detect and Respond Endpoint.

Curriculum 00:28:03

  • Introduction
  • What is Detect and Respond Endpoint 00:02:39

    Provides an overview of Detect and Respond Endpoint and explains how the Continuum SOC identifies, analyzes, mitigates, and remediates active threats or attacks.

  • Technical Setup
  • Using the SentinelOne Console

    Gives an overview of how to complete common tasks required for setup and ongoing management of your Detect and Respond Endpoint environment.

  • SentinelOne Management Console Overview 00:04:16

    Reviews the SentinelOne console and identifies important configuration and management features.

  • Creating SentinelOne Management Console Users 00:01:32

    Reviews user roles available in the SentinelOne Console and shows how to create a user.

  • Integrating SMTP Servers 00:01:08

    Explains how to configure integration with SMTP to support email notification of alerts.

  • Configuring Email Notification 00:00:59

    Explains how to configure email notifications of alerts.

  • Creating Static Groups 00:02:36

    Explains how to create static groups and assign devices to the group.

  • Working with Site and Group Assets 00:04:50

    Explains the hierarchy for site and group assets including policies, blacklists, and exclusions.

  • How to Install Agents 00:02:35

    Defines the SentinelOne agent installation process.

  • Using Continuum Scripting for Installation

    Links to the Doc Center and details the script creation steps for SentinelOne agent deployment.

  • Configurations for Virtual Machines 00:02:47

    Defines prerequisites needed when using SentinelOne in a VMware or Hyper-V environment.

  • How to Set Exclusions 00:03:06

    Defines how to set exclusions for a site or a group.

  • Creating Insight Reports 00:01:35

    Discusses how to create insight reports in the SentinelOne console.
