FALCON 201: Falcon Platform for Responders
FALCON 201: Falcon Platform for Responders is an intermediate one-day course that equips security analysts and incident responders with skills for using CrowdStrike Falcon® endpoint detection and response. Through hands-on exercises with real-world scenarios, participants will learn a standardized analytical process for investigating and responding to security incidents. The course focuses on detection analysis, event discovery, and investigation tools, enabling security teams to effectively analyze and respond to potential threats.
Course Highlights:
- Analyze Falcon endpoint data to identify security incidents and follow recommended detection analysis procedures
- Implement proper detection workflow procedures using endpoint security tools
- Investigate real-world attack scenarios using Falcon's advanced detection and analysis capabilities
- Execute targeted event searches using process relationships and event actions