Detect Suspicious Activity with CSM Threats

Learning Objectives

After completing this course you will be able to:

Monitor process, network, kernel-level, and file activity using CSM Threats
Detect threat activity using security agent expressions and threat detection rules
Use CSM Security Signals to investigate threats

Primary Audience

Security engineers, platform engineers, and cloud engineers responsible for security monitoring in a public cloud environment.

Prerequisites

The prerequisites for this course are the following:

Recommended: Completion of the Learning Environment course
Optional: Completion of the Enable and Manage CSM Threats course
Basic cloud computing knowledge (this course features a sandbox AWS environment)
Familiarity with the Linux command line

Technical Requirements

In order to complete the course, you will need the following:

Google Chrome or Firefox

Course Navigation

At the bottom of each lesson, click the MARK LESSON COMPLETE AND CONTINUE button so that you are marked complete for each lesson and can receive the certificate at the end of the course.

Course Enrollment Period

Please note that your enrollment in this course ends after 30 days. You can re-enroll at any time and pick up where you left off.

Learning Center

Detect Suspicious Process, File, and Network Activity with CSM Threats

Learning Objectives

Primary Audience

Prerequisites

Technical Requirements

Course Navigation

Course Enrollment Period

Course curriculum

Course Overview

Detect and Investigate Threats

Lab: Detect Suspicious Activity with CSM Threats

Course Conclusion

Detect Suspicious Process, File, and Network Activity with CSM Threats

Running into an issue?