RSA Netwitness Queries?
IntrusionNewb
Registered Users Posts: 21 ■■□□□□□□□□
in Off-Topic
I just started a new job for the state government about a month ago and we use Netwitness. Threat hunting is a huge part of the job but there's not training or anything. So far I've mostly seen Netwitness training on the RSA site but you have to have a Dell education/enterprise account for it or something.
Does anyone have any queries they use often for threat hunting with Netwitness? I'm just trying to figure out more ways to look for malicious activity.
Comments
-
sunrise1994 Member Posts: 11 ■■■□□□□□□□Dear Sir, YEs they are multiple but it depends on the data sources you integrated with the RSA SA.