Taegis Training🔗
Service Overview🔗
The Service is comprised of the following:
| Taegis Training |
|---|
| Up to 4 (Four) hours of Ad-hoc Taegis Training |
| AND |
| A choice of 2 (Two) of the following Training sessions: |
| OR |
Service Methodology🔗
The sections below contain example agenda items for chosen training sessions:
Taegis Administrator Training🔗
Listed below are example topics for training Customer's platform administrators. As XDR functionality evolves, Secureworks reserves the right to update these topics.
- Overview of XDR and its architecture
- How to use the Chat function to communicate with Secureworks experts
- XDR Dashboards
- User management and Tenant Settings
- Deploying a data collector and verifying health
- Configuring data Integrations and verifying health
- Deploying and managing Taegis Endpoint Agents
- XDR APIs
- Custom Parser Overview
- XDR Automations & Proactive Response Overview
- Auditing & Version Control
- Quick Search Function
Completion Criteria: This activity is complete when the training session has been delivered. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
Taegis Analyst Training🔗
Listed below are example topics for training Customer's security analysts. As XDR functionality evolves, Secureworks reserves the right to update these topics.
- Overview of XDR and its architecture
- Ask an expert (feature for communicating with Secureworks subject matter experts through chat or support ticket)
- Operating model explanation for XDR
- Custom Rule Creation
- Suppressing Alerts in XDR
- Using XDR Proactive Response
- XDR Filtering and Search
- MITRE ATT&CK Framework Overview and XDR applicability
- Working with investigations in XDR
- XDR Detectors
- Security Posture Dashboard Overview
- Report Creation
Completion Criteria: This activity is complete when the training session has been delivered. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
Advanced Search & Reporting Training🔗
Listed below are example topics for operators of the Advanced Search function. As XDR functionality evolves, Secureworks reserves the right to update these topics.
- Recap on Taegis Schema and Detectors
- Using the Advanced Search
- Data Validation (Integration use-case)
- SecOps Triage (Analyst use-case)
- Explaining & using Logical Types
- Search History & Saving Searches
- Creating a search query with Schema Types
- Build with Me
- Statements & Conditions
- Understanding & using Operators
- Creating Aggregated searches
- Creating Operational Reports
Completion Criteria: This activity is complete when the training session has been delivered. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
Custom Parser Training🔗
Listed below are example topics for training Custom Parser authors. As XDR functionality evolves, Secureworks reserves the right to update these topics.
- Overview of XDR Schema
- Syslog Data Formats
- Recommended Methodology for Custom Parser creation
- Sampling and analyzing events
- Creating Parent & Standalone Parsers
- Creating Child Parsers
- Creating Custom Alerts
Completion Criteria: This activity is complete when the training session has been delivered. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
XDR Scenario Based Training🔗
These sessions provide an interactive training workshop which focuses on learning how to effectively consume data and information stored within XDR. Each customized session is designed to address challenges experienced by Customer's security personnel through interactive discussion and execution of activities utilizing real data within Customer's tenant to demonstrate the following:
- Use of XDR Schema and its relevance in searching
- How MITRE ATT&CK can benefit Security Operations
- How XDR alerts and events align to the MITRE ATT&CK framework
- How to utilize the XDR Advanced Search to find key alerts and events
- How to create and update Investigations
- How to create Custom Rules based on events of interest
- How to suppress noise or false positive alerts
Completion Criteria: This activity is complete when the training session has been delivered. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
XDR Ad-Hoc Training🔗
XDR ad-hoc training is designed to allow for Secureworks Professional Services Consultants to provide best practice guidance, advice, and training on:
- Utilizing and enabling key XDR functionality
- What Taegis customization options are available and how to use them
- How understand and optimally utilize XDR event, alert & investigation workflows
- What Taegis APIs are available and how they can be utilized
Completion Criteria: This activity is complete when the four hours have been consumed. Recording of the session is optional and shall be subject to Secureworks Privacy Policy. If required by Customer, Secureworks can provide a copy of the recording together with copies of training materials, if any, via an agreed electronic transfer method.
Service Units🔗
| Service Name | Required Service Units |
|---|---|
| Taegis Training | 2 |
Scheduling and Booking Information🔗
To find out more or to book, contact your Account Manager or Customer Success Manager.