VMware ATC Logo

VMware Carbon Black Cloud Enterprise EDR

VMware ATC Logo

This advanced course is carried out directly by VMware.

Please Note:The acquisition of Broadcom has optimized the VMware course portfolio for the revised go-to-market strategy. In future, the focus will be on the VMware Cloud Foundation (VCF) portfolio. All courses that do not belong to this portfolio will be transferred to "End of Availability" (EOA) status on March 1, 2024. This means that this course will only be available until March.

This one-day course teaches you how to use the VMware Carbon Black® Cloud Enterprise EDR™ product and leverage its capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Course Contents

  • Course Introduction
  • Data Flows and Communication
  • Searching Data
  • Managing Watchlists
  • Alert Processing
  • Threat Hunting in Enterprise EDR
  • Response Capabilities

E-Book Symbol You will receive the original course documentation from VMware as an e-book.

Target Group

Security operations personnel, including analysts and managers

Knowledge Prerequisites

This course requires completion of the following course:
•  VMware Carbon Black Cloud Fundamentals

 
1 Course Introduction
• Introductions and course logistics
• Course objectives
 
2 Data Flows and Communication
• Hardware and software requirements
• Architecture
• Data flows
 
3 Searching Data
• Creating searches
• Search operators
• Analyzing processes
• Analyzing binaries
• Advanced queries
 
4 Managing Watchlists
• Subscribing
• Alerting
• Custom watchlists
 
5 Alert Processing
• Alert creation
• Analyzing alert data
• Alert actions
 
6 Threat Hunting in Enterprise EDR
• Cognitive Attack Loop
• Malicious behaviors
 
7 Response Capabilities
• Using quarantine
• Using live response

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.

This advanced course is carried out directly by VMware.

Please Note:The acquisition of Broadcom has optimized the VMware course portfolio for the revised go-to-market strategy. In future, the focus will be on the VMware Cloud Foundation (VCF) portfolio. All courses that do not belong to this portfolio will be transferred to "End of Availability" (EOA) status on March 1, 2024. This means that this course will only be available until March.

This one-day course teaches you how to use the VMware Carbon Black® Cloud Enterprise EDR™ product and leverage its capabilities to configure and maintain the system according to your organization’s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs.

Course Contents

  • Course Introduction
  • Data Flows and Communication
  • Searching Data
  • Managing Watchlists
  • Alert Processing
  • Threat Hunting in Enterprise EDR
  • Response Capabilities

E-Book Symbol You will receive the original course documentation from VMware as an e-book.

Target Group

Security operations personnel, including analysts and managers

Knowledge Prerequisites

This course requires completion of the following course:
•  VMware Carbon Black Cloud Fundamentals

 
1 Course Introduction
• Introductions and course logistics
• Course objectives
 
2 Data Flows and Communication
• Hardware and software requirements
• Architecture
• Data flows
 
3 Searching Data
• Creating searches
• Search operators
• Analyzing processes
• Analyzing binaries
• Advanced queries
 
4 Managing Watchlists
• Subscribing
• Alerting
• Custom watchlists
 
5 Alert Processing
• Alert creation
• Analyzing alert data
• Alert actions
 
6 Threat Hunting in Enterprise EDR
• Cognitive Attack Loop
• Malicious behaviors
 
7 Response Capabilities
• Using quarantine
• Using live response

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses

PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.