Rapid Incident ResponseiCAL Export

Cisco XDR Rapid Incident Response Workshop - Sweden

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

• Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
• Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
• Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
• Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
• Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
• Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
• Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
• Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

• Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
• Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
• Learn to operationalize threat intelligence to improve detection and accelerate response times.
• Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
• Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

• Security Operations Center (SOC) analysts
• Incident response teams
• Cybersecurity engineers and architects
• IT professionals responsible for securing enterprise environments

Workshop Format:

• Duration: 4-6 hours (customizable based on audience needs)
• Structure:
  • Interactive presentations and demonstrations
  • Hands-on labs with guided exercises
  • Live threat simulations and response workflows

Prerequisites:

• You will need to bring a laptop for this hands-on workshop
• Basic understanding of cybersecurity concepts and frameworks.
• Familiarity with endpoint, email, and network security tools is helpful but not required.
• Ensure you are able to access https://ciscosecurityworkshop.com/ portal or else ask your IT Admin to allow this URL: https://ciscosecurityworkshop.com/ . If not possible, please bring your personal Laptop.
• The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
• A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

Splunk + Cisco RIR

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

• Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
• Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
• Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
• Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
• Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
• Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
• Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
• Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

• Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
• Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
• Learn to operationalize threat intelligence to improve detection and accelerate response times.
• Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
• Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

• Security Operations Center (SOC) analysts
• Incident response teams
• Cybersecurity engineers and architects
• IT professionals responsible for securing enterprise environments

Workshop Format:

• Duration: 4-6 hours (customizable based on audience needs)
• Structure:
  • Interactive presentations and demonstrations
  • Hands-on labs with guided exercises
  • Live threat simulations and response workflows

Prerequisites:

• You will need to bring a laptop for this hands-on workshop
• Basic understanding of cybersecurity concepts and frameworks.
• Familiarity with endpoint, email, and network security tools is helpful but not required.
• Ensure you are able to access https://ciscosecurityworkshop.com/ portal or else ask your IT Admin to allow this URL: https://ciscosecurityworkshop.com/ . If not possible, please bring your personal Laptop.
• The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
• A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

RIR-Mum & GGN

RIR Mumbai

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

• Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
• Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
• Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
• Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
• Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
• Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
• Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
• Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

• Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
• Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
• Learn to operationalize threat intelligence to improve detection and accelerate response times.
• Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
• Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

• Security Operations Center (SOC) analysts
• Incident response teams
• Cybersecurity engineers and architects
• IT professionals responsible for securing enterprise environments

Workshop Format:

• Duration: 4-6 hours (customizable based on audience needs)
• Structure:
  • Interactive presentations and demonstrations
  • Hands-on labs with guided exercises
  • Live threat simulations and response workflows

Prerequisites:

• You will need to bring a laptop for this hands-on workshop
• Basic understanding of cybersecurity concepts and frameworks.
• Familiarity with endpoint, email, and network security tools is helpful but not required.
• Ensure you are able to access https://ciscosecurityworkshop.com/ portal or else ask your IT Admin to allow this URL: https://ciscosecurityworkshop.com/ . If not possible, please bring your personal Laptop.
• The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
• A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

RIR_GGN_MUM_19JAN26

RIRv7 Morocco

RIR Breach Protection Base Tour Bangkok

Experience a hands-on workshop built for SecOps pros, by SecOps pros.

In the heat of a crisis, every keystroke counts, and indecision could cost your organization millions. What separates security pros from security liabilities? A plan – and practice. Join us for this hands-on Rapid Incident Response with Cisco XDR Workshop to develop your skills and test your abilities. 

Don’t miss your chance to:  

🎯 Develop your skills: Learn how to scope, contain, and eradicate threats like a pro. Enhance your Digital Forensics and Incident Response and threat hunting expertise with greater speed, efficiency and confidence in our hands-on virtual lab. 

🌐 Test your abilities: Put your skills to the test by: 

• Identifying patterns and correlations in threat activity with root cause and attack chain analysis  
• Leveraging machine learning to prioritize incidents based on risk and impact 
• Elevating productivity with automated and guided remediations  

Whether you are an experienced cybersecurity professional or a beginner, this workshop guarantees a mix of education, excitement, and engaging content. Seize the chance, upskill, and leave no incident undetected. Secure your spot now and leave with a clear plan to take back to your organization.  

Note: 
~ We recommend using a second monitor or screen for this workshop.  
~ Please close down your applications and turn off your notifications before the workshop starts. 
~ We understand your time is valuable; please plan for approximately 4 hours to complete the Rapid Incident Response with Cisco XDR workshop.  
 

We look forward to seeing you there! 

RIR v7 - Greece

Experience a hands-on workshop built for SecOps pros, by SecOps pros.

In the heat of a crisis, every keystroke counts, and indecision could cost your organization millions. What separates security pros from security liabilities? A plan – and practice. Join us for this hands-on Rapid Incident Response with Cisco XDR Workshop to develop your skills and test your abilities. 

Don’t miss your chance to:  

🎯 Develop your skills: Learn how to scope, contain, and eradicate threats like a pro. Enhance your Digital Forensics and Incident Response and threat hunting expertise with greater speed, efficiency and confidence in our hands-on virtual lab. 

🌐 Test your abilities: Put your skills to the test by: 

• Identifying patterns and correlations in threat activity with root cause and attack chain analysis  
• Leveraging machine learning to prioritize incidents based on risk and impact 
• Elevating productivity with automated and guided remediations  

Whether you are an experienced cybersecurity professional or a beginner, this workshop guarantees a mix of education, excitement, and engaging content. Seize the chance, upskill, and leave no incident undetected. Secure your spot now and leave with a clear plan to take back to your organization.  

Note: 
~ We recommend using a second monitor or screen for this workshop.  
~ Please close down your applications and turn off your notifications before the workshop starts. 
~ We understand your time is valuable; please plan for approximately 4 hours to complete the Rapid Incident Response with Cisco XDR workshop.  
 

We look forward to seeing you there! 

Utah Tech Days

XDR Incident Response Workshop

Seoul - Security Hands-on workshop for scale customer(Test)

Cisco Security Hands-on workshop for Korea Scale Customer.

RIR Jakarta

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

• Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
• Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
• Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
• Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
• Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
• Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
• Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
• Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

• Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
• Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
• Learn to operationalize threat intelligence to improve detection and accelerate response times.
• Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
• Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

• Security Operations Center (SOC) analysts
• Incident response teams
• Cybersecurity engineers and architects
• IT professionals responsible for securing enterprise environments

Workshop Format:

• Duration: 4-6 hours (customizable based on audience needs)
• Structure:
  • Interactive presentations and demonstrations
  • Hands-on labs with guided exercises
  • Live threat simulations and response workflows

Prerequisites:

• You will need to bring a laptop for this hands-on workshop
• Basic understanding of cybersecurity concepts and frameworks.
• Familiarity with endpoint, email, and network security tools is helpful but not required.
• Ensure you are able to access https://ciscosecurityworkshop.com/ portal or else ask your IT Admin to allow this URL: https://ciscosecurityworkshop.com/ . If not possible, please bring your personal Laptop.
• The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
• A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

RIR Rusdy's

RIRv7 Morocco for customers

Indonesia LA RIR Workshop

Seoul - Security Hands-on workshop for scale customer

Cisco Security Hands-on workshop for Korea Scale Customer.

Chiltern Railway RIR

VM02 RIR

Harman XDR Workshop - India

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

• Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
• Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
• Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
• Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
• Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
• Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
• Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
• Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

• Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
• Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
• Learn to operationalize threat intelligence to improve detection and accelerate response times.
• Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
• Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

• Security Operations Center (SOC) analysts
• Incident response teams
• Cybersecurity engineers and architects
• IT professionals responsible for securing enterprise environments

Workshop Format:

• Duration: 4-6 hours (customizable based on audience needs)
• Structure:
  • Interactive presentations and demonstrations
  • Hands-on labs with guided exercises
  • Live threat simulations and response workflows

Prerequisites:

• You will need to bring a laptop for this hands-on workshop
• Basic understanding of cybersecurity concepts and frameworks.
• Familiarity with endpoint, email, and network security tools is helpful but not required.
• Ensure you are able to access https://ciscosecurityworkshop.com/ portal or else ask your IT Admin to allow this URL: https://ciscosecurityworkshop.com/ . If not possible, please bring your personal Laptop.
• The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
• A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

RIR - NTWMD

RIR Sheriff UA

Rapid Incident Response: 28th Annual Victoria International Privacy & Security Summit

This immersive, hands-on lab experience will focus on developing key skills for investigating and responding to cyber incidents. Participants will learn practical techniques for identifying, analyzing, and responding to sophisticated advanced persistent threats (APTs) using Extended Detection & Response (XDR). The strategies and skills gained will be broadly applicable across a range of tools and environments. Learn how to empower your teams to go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence. The session will be 80min lecture and then 10min to ensure everyone has access to the labs. The labs will be available to all attendees for up to 7 days. If you complete the labs, you will also get CPE credits. Please ensure you bring your laptops.