Training Overview

A computer operator is manipulating a complicated user interrface onhis screen as part of InQuest FDR training

InQuest offers robust training packed into a two-day immersion course on all aspects of File Detection and Response (FDR).

The course curriculum is designed to address the needs of two key personas (which may or may not be separate individuals depending on your organization):

Security Analyst
System Administrator

Training can be structured around our standard course material or tailored to specific customer needs.

Depending on the scale of training needed, InQuest can package training either virtually or in-person.

Each curriculum module is summarized below.

FDR System Overview

This module covers our product impetus, product highlights, Deep File Inspection, Threat Intelligence, strategic integrations, cloud services, system information architecture, malware carriers, and support levels.

FDR Threat Discovery and Score

This module covers IQ Score overview, artifacts analyzed, threat score contributors, detracting factors, tailored signatures, more on malware carriers, and a threat score review.

FDR Cloud Infrastructure

This module covers Multi-AV, Eyelet Reputation database, Threat Exchange and automatic updates.

FDR Event Anatomy

This module covers event confidence and severity, file identification, file characteristics, suspicious characteristics, evasion characteristics, header analytics, data loss, YARA signatures, sessions and files, Syslog, and a signature walkthrough.

FDR UI

This module covers our UI dashboard, areas of analysis, analysis search, analysis workflow and audit trail, analysis tools, session/threat details, reports, filtration, and policies (InQuest, user-defined, C2 and blacklist).

System Installation and Configuration

This module covers system installation, appliances, management interface selection, IPv4/v6 configuration, Manager installation, Collector installation, and network configuration.

System Monitoring

This module covers health monitoring, disk and network statistics, capture engine statistics, device management and health, network communications, global system configuration, integrations (local, InQuest, ICAP), and troubleshooting.

Summary

Course participants will come away with three key advancements:

An in-depth understanding of File Detection and Response features and capabilities
Necessary system installation, configuration and management knowledge
Insights into how seasoned security analysts and threat hunters here at InQuest go about the process of finding, analyzing, and taking against modern security risks, threats, breaches and incidents

Get Pricing

Overview

What is FDR?

Technology

Core Features

Benefits

Differentiation

Solutions

Solutions

File-borne Attack Use Cases

Threat Hunting Use Cases

SOC ROI Use Cases

Products & Services

Products

Services

Pricing

Resources

Company