-
Participants will learn how to use the features in Trend Micro Vision One for extended detection response (XDR) activities. This course describes some of the concepts related to extended detection and response. Lessons in the course detail how to connect Trend Micro and third-party products to Trend Micro Vision One, how to install XDR sensors on devices in the infrastructure, how to navigate and interpret workbenches, how to incorporate thirdparty threat intelligence, how to search for information within the Trend Micro Vision One data lake, and how to automate responses using Security Playbooks. This course is taught by Trend Micro-certified trainers and incorporates a variety of hands-on lab exercises, allowing participants to put the lesson content into action.
-
Course Contents
-
- XDR Concepts
- Trend Micro Vision One
- Connecting Trend Micro Products
- Enabling XDR Sensors
- Integrating with Third-Party Products
- Using the XDR Apps
- Sharing Threat Intelligence
- Searching the Data Lake
- Responding to Incidents Using Security Playbooks
In this course, you will receive the Trend Micro course documentation which is also available as a Trend Micro e-Kit.
-
Target Group
-
This course is geared to members of an organization’s security operations teams that are responsible for detecting, investigating, prioritizing, and responding to threats who are new to, or have limited knowledge of, Trend Micro Vision One. This course is also beneficial to administrators responsible for performing initial setup operations such as connecting products to Trend Micro Vision One and enabling XDR sensors on devices.
-
Knowledge Prerequisites
-
Prerequisites to attend this course include:
- A working knowledge of Trend Micro endpoint and network protection solutions and services
- An understanding of basic networking concepts and principles will be helpful
Participants must also have successfully completed the Trend Micro Vision One
Fundamentals e-learning course on the Trend Micro Education Portal. -
Course Objective
-
Upon completion of this course, participants may choose to complete the certification
exam to obtain designation as a Trend Micro Certified Professional for Vision One XDR.
XDR Concepts |
• Collecting telemetry |
• Data correlation |
• MITRE ATT&CK |
Trend Micro Vision One |
• How Trend Micro Vision One fits into the Trend Micro One platform |
• Trend Micro Vision One core capabilities |
• Trend Micro Vision One features for XDR |
• Trend Micro Vision One apps |
Connecting Trend Micro Products |
• Collecting security events |
• Connecting Trend Micro Apex One™ as a Service |
• Connecting Deep Security™ Software |
• Connecting Trend Micro Cloud One™ – Endpoint & Workload Security |
• Connecting Cloud App Security |
• Connecting the Service Gateway |
• Connecting Web Security™ |
• Connecting Deep Discovery™ Inspector |
• Connecting TippingPoint™ SMS |
Enabling XDR Sensors |
• Installing Endpoint Basecamp |
• Creating Endpoint Groups and Security Policies |
• Enabling endpoint sensors |
• Enabling email sensors |
• Enabling network sensors |
• Enabling web sensors |
Integrating with Third-Party Products |
• Integration purposes |
Using the XDR Apps |
• XDR apps |
• Viewing raw security event and activity data |
• Filtering security event and activity data |
• Workbenches |
• Workbench actions |
• Execution profiles |
• Network analytics |
• Automating responses |
• Targeted attack detection |
• Response management |
• Managed XDR service |
Sharing Threat Intelligence |
• Curated and custom intelligence reports |
• Suspicious object management |
• Sandbox analysis |
Searching the Data Lake |
• Simple and complex search syntax |
• Search tips |
• Watchlists |
Responding to Incidents Using Security Playbooks |
• Playbook templates |
• Playbook triggers |
• Playbook conditions |
• Playbook actions |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
-
Participants will learn how to use the features in Trend Micro Vision One for extended detection response (XDR) activities. This course describes some of the concepts related to extended detection and response. Lessons in the course detail how to connect Trend Micro and third-party products to Trend Micro Vision One, how to install XDR sensors on devices in the infrastructure, how to navigate and interpret workbenches, how to incorporate thirdparty threat intelligence, how to search for information within the Trend Micro Vision One data lake, and how to automate responses using Security Playbooks. This course is taught by Trend Micro-certified trainers and incorporates a variety of hands-on lab exercises, allowing participants to put the lesson content into action.
-
Course Contents
-
- XDR Concepts
- Trend Micro Vision One
- Connecting Trend Micro Products
- Enabling XDR Sensors
- Integrating with Third-Party Products
- Using the XDR Apps
- Sharing Threat Intelligence
- Searching the Data Lake
- Responding to Incidents Using Security Playbooks
In this course, you will receive the Trend Micro course documentation which is also available as a Trend Micro e-Kit.
-
Target Group
-
This course is geared to members of an organization’s security operations teams that are responsible for detecting, investigating, prioritizing, and responding to threats who are new to, or have limited knowledge of, Trend Micro Vision One. This course is also beneficial to administrators responsible for performing initial setup operations such as connecting products to Trend Micro Vision One and enabling XDR sensors on devices.
-
Knowledge Prerequisites
-
Prerequisites to attend this course include:
- A working knowledge of Trend Micro endpoint and network protection solutions and services
- An understanding of basic networking concepts and principles will be helpful
Participants must also have successfully completed the Trend Micro Vision One
Fundamentals e-learning course on the Trend Micro Education Portal. -
Course Objective
-
Upon completion of this course, participants may choose to complete the certification
exam to obtain designation as a Trend Micro Certified Professional for Vision One XDR.
XDR Concepts |
• Collecting telemetry |
• Data correlation |
• MITRE ATT&CK |
Trend Micro Vision One |
• How Trend Micro Vision One fits into the Trend Micro One platform |
• Trend Micro Vision One core capabilities |
• Trend Micro Vision One features for XDR |
• Trend Micro Vision One apps |
Connecting Trend Micro Products |
• Collecting security events |
• Connecting Trend Micro Apex One™ as a Service |
• Connecting Deep Security™ Software |
• Connecting Trend Micro Cloud One™ – Endpoint & Workload Security |
• Connecting Cloud App Security |
• Connecting the Service Gateway |
• Connecting Web Security™ |
• Connecting Deep Discovery™ Inspector |
• Connecting TippingPoint™ SMS |
Enabling XDR Sensors |
• Installing Endpoint Basecamp |
• Creating Endpoint Groups and Security Policies |
• Enabling endpoint sensors |
• Enabling email sensors |
• Enabling network sensors |
• Enabling web sensors |
Integrating with Third-Party Products |
• Integration purposes |
Using the XDR Apps |
• XDR apps |
• Viewing raw security event and activity data |
• Filtering security event and activity data |
• Workbenches |
• Workbench actions |
• Execution profiles |
• Network analytics |
• Automating responses |
• Targeted attack detection |
• Response management |
• Managed XDR service |
Sharing Threat Intelligence |
• Curated and custom intelligence reports |
• Suspicious object management |
• Sandbox analysis |
Searching the Data Lake |
• Simple and complex search syntax |
• Search tips |
• Watchlists |
Responding to Incidents Using Security Playbooks |
• Playbook templates |
• Playbook triggers |
• Playbook conditions |
• Playbook actions |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses