Modal title

Modal body text goes here.

Skip to main content
NSE Institute NSE Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Security Academy Program
  • Log in
  • Training
  • Library

FortiEDR

Learn at your own pace or choose a format that suits you best.

Download Course Description
Course Description

In this interactive course, you will learn how to use enSilo/FortiEDR to protect your endpoints against advanced attacks with real-time orchestrated incident response functionality.

Who Should Attend

IT and security professionals involved in the administration and support of enSilo FortiEDR should attend this course.

Objectives

After completing this course, you should be able to:

  • Explain the enSilo approach and how it works
  • Identify the communicating components and how they are configured
  • Schedule, organize, and tune a new deployment
  • Carry out basic troubleshooting steps, including: verifying that enSilo is installed and actively blocking malware, identifying whether enSilo has blocked a process or connection, finding logs, and contacting enSilo Support
  • Perform important administrative tasks, including: managing console users, updating Collectors, delete personal data for GDPR compliance, and view system events
  • Complete basic tasks in of each area of the Management Console: the Dashboard, the Event Viewer, the Forensics tab, the Threat Hunting module, Communication Control, Security Policies, Playbooks, Inventory, and the Administration tab
  • Manage security events and their status
  • Block communication from applications that are risky or unwanted, but not inherently malicious
  • Define next-generation antivirus, its role in enSilo, and where it falls in the order of operations
  • Find and remove malicious executables from all the devices in your environment
  • Use RESTful API to manage your enSilo environment
  • Administer a multi-tenant environment
  • Recognize what enSilo Cloud Service is and how it works
  • Troubleshoot Collector upgrades and performance issues
  • Obtain Collector logs and memory dumps
  • Have a basic understanding of the history of malware, how it exploits trust, and the persistence techniques used in malware today
  • Triage PowerShell and CScript events, verify their destinations, and retrieve memory
  • Prioritize, investigate, and analyze security events
  • Remediate malicious events and create exceptions to allow safe processes
System Requirements

If you take an online format of this class, you must have a computer that has the following:

  • A high-speed Internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers/headphones
  • One of the following
    • HTML 5 support or
    • An up-to-date Java Runtime Environment (JRE) with Java plugin enabled in your web browser
Enroll Now

Access the self-paced training
Agenda
  1. Overview and Technical Positioning
  2. Help Desk Level 1 Triage
  3. Installation and Architecture
  4. Administration and Troubleshooting
  5. GUI Deep-Dive Part 1
  6. GUI Deep-Dive Part 2
  7. Events and Alerting
  8. Best Practices and Deployment
  9. Communication Control
  10. NGAV
  11. Threat Hunting
  12. RESTful API
  13. Multi-Tenancy
  14. enSilo Cloud Services
  15. Advanced Troubleshooting
  16. Endpoint Security 101
  17. PowerShell and CScript
  18. Alert Analysis 401
Product Versions
  • enSilo 4.0

Formats
  • Self-paced online

Prerequisites
  • Basic understanding of cybersecurity concepts
Certification

There is no certification exam associated with this course.

  • Library
  • Schedule
You are not logged in. (Log in)
  • Library
  • Schedule
  • Certifications
  • ATC
  • Security Academy Program
Data retention summary