This course focuses on network analysis and hunting of malicious activity from a security operations center perspective. We will dive into the NetFlow strengths, operational limitations of NetFlow, recommended sensor placement, NetFlow tools, visualization of network data, analytic trade craft for network situational awareness and networking hunting scenarios.
Learning Objectives
- Provide an understanding of the NetFlow data format.
- Describe common NetFlow collection, analysis, and visualization tools.
- Cover situational awareness and hunting analytic tradecraft.
- Fuse NetFlow with other data sources.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Defense Analysis