Rapid Incident Response Workshop with Cisco Extended Detection & Response (XDR)
🎯 Mission Briefing: Kick off your adventure with a hands-on lab designed to enhance your investigation and incident response expertise.
🌐 Defend against sophisticated APTs with Cisco XDR: Learn how to empower your teams to go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence. We will explore how to:
· Identify patterns and correlations in threat activity with root cause and attack chain analysis
· Leverage machine learning to prioritize incidents based on risk and impact
· Elevate productivity with automation and guidance
Experience a hands-on workshop built for SecOps pros, by SecOps pros.
Don’t miss your chance to:
🎯 Develop your skills: Learn how to scope, contain, and eradicate threats like a pro. Enhance your Digital Forensics and Incident Response and threat hunting expertise with greater speed, efficiency and confidence in our hands-on virtual lab.
🌐 Test your abilities: Put your skills to the test by:
- Identifying patterns and correlations in threat activity with root cause and attack chain analysis
- Leveraging machine learning to prioritize incidents based on risk and impact
- Elevating productivity with automated and guided remediations
Whether you are an experienced cybersecurity professional or a beginner, this workshop guarantees a mix of education, excitement, and engaging content. Seize the chance, upskill, and leave no incident undetected. Secure your spot now and leave with a clear plan to take back to your organization.
Note:
~ We recommend using a second monitor or screen for this workshop.
~ Please close down your applications and turn off your notifications before the workshop starts.
~ We understand your time is valuable; please plan for approximately 4 hours to complete the Rapid Incident Response with Cisco XDR workshop.
We look forward to seeing you there!
Agendas
10:00 – 11:00 | Workshop Kickoff & Slide Presentation | Introductions, objectives, threat landscape, and tool orientation.
11:00 – 11:10 | Navigating Cisco XDR-Demo | Brief platform walkthrough for first-time users. Can be skipped for experienced audiences.
11:10 – 11:30 | Phase 1: Initial Access | Investigate how attackers first entered the environment through phishing techniques.
11:30 – 11:50 | Phase 2: Discovery | Analyze adversary reconnaissance activity within the compromised network.
11:50 – 12:10 | Phase 3: Privilege Escalation | Identify lateral movement techniques and privilege abuse across endpoints.
12:10 – 12:30 | Phase 4: Credential Access | Uncover the methods used to dump and reuse credentials for persistence.
12:30 – 12:50 | Phase 5: Defense Evasion | Track how attackers disabled tools and obscured their presence.
12:50 – 13:10 | Phase 6: Exfiltration | Analyze data movement and identify staging or exfiltration behaviors.
13:10 – 13:30 | Phase 7: Containment & Response | Use Cisco XDR and integrated tools to contain the threat and recommend response actions.
13:30 – 14:00 | Q&A, Survey, Certificates | Wrap-up, live Q&A, reminders about certificates, and survey completion.