Intermediate Falcon Platform for Responders – 1st Thursdays

This one-day instructor-led course instructs intermediate responders in the best use of the Falcon Platform for incident triage. The
course is appropriate for those who use the Falcon Platform on a day to day basis, focused on triaging and responding to alerts. It
includes practical labs for students to develop hands-on skills.

PREREQUISITES
This hands-on course is intended for technical contributors who use Falcon Insight to detect, investigate and respond to incidents.
Positions might include Security Analyst, SOC Analyst, Security Engineer, IT Security Operations Manager, Security Administrator,
Endpoint Security Administrator, Channel Sales Engineers
To obtain the maximum benefit from this class, you should meet the following requirements:

• Completion of the FHT100 level course material in CrowdStrike University
• Able to understand course curriculum presented in English
• Perform basic operations on a personal computer
• Have an intermediate knowledge of cyber security incident investigation and incident lifecycle.
• Be familiar with the Microsoft Windows environment

CLASS MATERIAL
Once registered for the course, associated materials may be downloaded from Hugonet

LEARNING OBJECTIVES
Students who complete this course should be able to:
• Use the key features of the Falcon Platform applications
• Analyze detections and ascertain true or false positive findings
• Apply a standard analytic process to detection triage
• Describe the data available in the Insight app
• Use the Insight app to continue analysis beyond a detection
• Perform limited discovery of additional events beyond a detection

The course includes multiple hands-on labs that allow students to apply what they have learned in the workshop.