Cisco Stealthwatch Use Case Workshop:
How to Hunt Insider Threats (UCWIT)

Improve your security defenses, add actionable security intelligence, and increase your network visibility with Cisco Stealthwatch workshops.

Use Case Workshops are hands-on, instructor-led courses focused on specific use case outcomes in Cisco Stealthwatch Enterprise. The workshops are designed to help you quickly identify and investigate common threats and to provide effective workflows so that you can fully understand Stealthwatch capabilities.

In this workshop, you’ll work through a series of activities that focus on hunting for insider threats using Cisco Stealthwatch Enterprise. This workshop will help you identify network behaviors that indicate threats posed by malicious, negligent, or compromised insiders. A lab environment will show you how to use Stealthwatch to detect them. At the end of the workshop, you’ll learn best practices for protecting your organization from insider threats.

This workshop is intended to be interactive and engaging. You are encouraged to ask questions, respond to questions, and share best practices and ideas.

Duration: 3 Hours
Price: $500


Objectives:
After taking this course you should be able to:

  • Identify insider threat behavior.
  • Detect unauthorized network traffic for bad (not good) behavior.
  • Use Stealthwatch tools to detect potential insider threats.
  • And much more


Prerequisites:
To complete this workshop, the following components must be installed and configured on your network:

  • Stealthwatch Management Console Version 7.0 or later
  • Stealthwatch Flow Collector
  • Stealthwatch Flow Sensor (DPI or other capable devices)


Who Should Attend:
This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations.


Outline:
In this workshop, you’ll work through a series of activities that focus on hunting for insider threats using Cisco Stealthwatch Enterprise.

This workshop will help you identify network behaviors that indicate threats posed by malicious, negligent, or compromised insiders. A lab environment will show you how to use Stealthwatch to detect them.

At the end of the workshop, you’ll learn best practices for protecting your organization from insider threats. This workshop is intended to be interactive and engaging. You are encouraged to ask questions, respond to questions, and share best practices and ideas.