FALCON 240: Investigating and Mitigating Threats With Real Time Response
FALCON 240: Investigating and Mitigating Threats with Falcon Real Time Response is a comprehensive one-day course focused on leveraging CrowdStrike Falcon® Real Time Response (RTR) for effective incident handling and threat remediation. Through hands-on exercises, participants will learn to execute Falcon RTR commands, develop custom scripts, and work with PSFalcon for automated responses. The course covers Falcon RTR architecture, administrative requirements, and practical applications of various response methods to help security teams reduce incident response times across their distributed enterprise.
Course Highlights:
- Execution of Falcon RTR commands and connection mechanisms for threat remediation
- Creation and management of custom scripts in the Falcon RTR repository
- Implementation of PSFalcon for automated device management and script deployment
- Development of automated workflows with custom triggers and actions
- Configuration of Falcon RTR roles, policies, and audit capabilities
