Alert Analysis and Investigations with Network and Endpoint Security: August 22 - 25, 2022

This 4-day course examines how to triage alerts generated by Network and Endpoint Security, derive actionable information from those alerts, and apply the fundamentals of live analysis and investigation to the associated endpoints.

Hands-on activities span the entire analysis and live investigation process, beginning with a Trellix-generated alert and leading to discovery and analysis of the host for evidence of malware and other unwanted intrusions. Endpoint analysis focuses on investigation techniques using features of Endpoint Security, such as the Triage Summary, Audit Viewer, and Acquisitions.

Event Information

Training provided by: FireEye

  • START DATE: August 22, 2022 9:00am CDT
  • END DATE: August 25, 2022 5:00pm CT
  • LOCATION: ILT via WebEx. Details will be provided on successful registration.
  • COST: US$5,500 

Prerequisites

A working understanding of networking and network security, the Windows operating system, file system, registry and regular expressions, and experience scripting in Python.

Recommended Pretraining

FireEye Network Security Deployment eLearning
FireEye Endpoint Security Deployment eLearning

Technical Requirements

Students must have access to a laptop running one of the following browsers: Chrome (latest), Firefox (latest), or Internet Explorer (10 or greater). Wireshark is recommended.

If possible, we recommend using an external monitor or dual-screen setup. This will enable you to view the class materials and virtual lab interface simultaneously.

Interested in this class?

If you have any additional questions, send us an email.
