Search results

XDR Workshop for Ballad Health

Rapid Incident Response with Cisco Extended Detection & Response (XDR)

🎯 Mission Briefing: Kick off your adventure with a hands-on lab designed to enhance your investigation and incident response expertise.

🌐 Defend against sophisticated APTs with Cisco XDR: Learn how to empower your teams to go from endless investigation to remediating the highest priority incidents with greater speed, efficiency, and confidence. We will explore how to:

  • Identify patterns and correlations in threat activity with root cause and attack chain analysis
  • Leverage machine learning to prioritize incidents based on risk and impact
  • Elevate productivity with automation and guidance

🍽️ Refuel and Recharge: All that work sure works up an appetite! Join us for lunch to seize networking opportunities within the cybersecurity community and cultivate valuable connections.

Event Date 2025-09-30
Event Location Timezone America/New_York
Event Start Time 3:00 PM
Event End Time 5:30 PM
Capacity 10
Registered 10
Available Place 0
Created By Joe Tufano
Location Cisco Office - Knoxville, TN

Sorry, the event is now full and we cannot accept more registrations.

Regal XDR Workshop

In today’s fast-paced threat landscape, organizations face sophisticated cyberattacks targeting endpoints, networks, and email systems. The ability to rapidly detect, investigate, and respond to incidents across multiple vectors is vital for maintaining a strong security posture.

This hands-on workshop is designed to empower security professionals with the practical knowledge and skills needed to orchestrate a rapid and effective incident response strategy using Cisco’s integrated security solutions, as well as Microsoft Defender for endpoint protection. The session emphasizes the importance of securing email as a primary attack vector, alongside endpoint and network security.

Participants will gain hands-on experience with a powerful ecosystem of tools, including Cisco XDR, Secure Endpoint, Umbrella, Secure Malware Analytics, Cisco Firewalls, Cisco Email Threat Defense, and Threat Intelligence. Additionally, we’ll explore how to seamlessly integrate these tools with Microsoft Defender to create a unified, robust security strategy.

Workshop Highlights:

This workshop will provide practical, hands-on experience with:

  • Cisco XDR: Consolidate and analyze telemetry from across your security ecosystem to enable faster detection and response.
  • Cisco Secure Endpoint: Detect and mitigate endpoint threats with advanced EDR capabilities powered by real-time analytics.
  • Cisco Umbrella: Protect users from malicious domains, phishing, and malware with DNS-layer security and secure web gateway features.
  • Cisco Secure Malware Analytics: Conduct in-depth malware analysis to uncover sophisticated threats and generate actionable intelligence.
  • Cisco Firewall: Strengthen perimeter defenses with comprehensive threat protection and policy enforcement.
  • Cisco Email Threat Defense: Secure email, the most targeted attack vector, by identifying and blocking phishing, business email compromise (BEC), and malicious attachments.
  • Threat Intelligence: Leverage actionable threat intelligence to enhance your ability to detect and respond to emerging threats.
  • Microsoft Defender for Endpoint: Integrate and utilize Microsoft Defender to ensure seamless endpoint protection across hybrid environments.

Key Takeaways:

  • Build a unified, streamlined incident response strategy across email, endpoint, network, and cloud environments.
  • Gain practical experience with Cisco XDR and its integration with endpoint, email, and network security tools.
  • Learn to operationalize threat intelligence to improve detection and accelerate response times.
  • Explore real-world workflows for detecting, analyzing, and neutralizing advanced threats, including ransomware, phishing, and malware.
  • Discover best practices for integrating Microsoft Defender with Cisco’s security solutions to create a multi-layered defense strategy.

Who Should Attend:

  • Security Operations Center (SOC) analysts
  • Incident response teams
  • Cybersecurity engineers and architects
  • IT professionals responsible for securing enterprise environments

Workshop Format:

  • Duration: 4-6 hours (customizable based on audience needs)
  • Structure:
    • Interactive presentations and demonstrations
    • Hands-on labs with guided exercises
    • Live threat simulations and response workflows

Prerequisites:

  • You will need to bring a laptop for this hands-on workshop.
  • Basic understanding of cybersecurity concepts and frameworks.
  • Familiarity with endpoint, email, and network security tools is helpful but not required.
  • Ensure you can access the https://ciscosecurityworkshop.com/ portal; otherwise, ask your IT admin to allow this URL: https://ciscosecurityworkshop.com/. If that is not possible, please bring your personal laptop.
  • The workshop uses a Microsoft tenant (ciscothreathunting.ninja). This tenant should be allowed and tenant restrictions should not be applied.
  • A dual monitor / screen would be helpful for the workshop but not essential.

Why Attend?

This workshop provides a unique opportunity to strengthen your incident response capabilities by mastering the integration of Cisco and Microsoft security solutions. Learn how to secure your organization’s email systems, endpoints, and network infrastructure against today’s most sophisticated cyber threats. With actionable insights and guided hands-on labs, you’ll leave with the confidence to rapidly detect, investigate, and respond to threats across multiple attack surfaces.

Event Date 2026-04-28
Event Location Timezone America/Chicago
Event Start Time 8:00 AM
Event End Time 12:00 PM
Capacity 13
Registered 9
Available Place 4
Created By Joe Tufano
Location Virtual

We are no longer accepting registrations for this event.

Covenant Zero Trust Access Lab

Course Title:
Designing and Deploying Zero Trust Access with Cisco Secure Access


Course Description:
Step into the role of a network security administrator in this guided, hands-on workshop. You’ll learn how to design, deploy, and validate a modern Zero Trust Access solution using Cisco Secure Access. Acting as the administrator for the fictional organization PseudoCo, you will configure secure connectivity between remote users and private applications hosted in a secure data center.

You’ll have full administrative access to a dedicated virtual data center environment in Cisco’s dCloud, pre-provisioned for Secure Access integration. Each participant also receives a unique Secure Access organization, enabling you to configure and test infrastructure in any Secure Access region, with recommendations to align settings with your specific dCloud Data Center location.


Workshop Highlights

  • Real-World Zero Trust Scenarios: Configure secure connectivity for remote users and private applications.
  • Hands-On Labs: Access to a fully provisioned virtual data center and unique Secure Access organization.
  • End-to-End Deployment: Learn to set up VPNs, IP pools, and tunnels for seamless, secure access.
  • Expert Guidance: Step-by-step lab exercises and access to proctors for support.

Key Takeaways

  • Practical experience deploying Zero Trust Access solutions using Cisco Secure Access.
  • Skills to configure and validate secure connections between distributed users and applications.
  • Understanding of best practices for aligning Secure Access configurations with data center regions.

Who Should Attend

  • IT and network administrators responsible for securing enterprise access.
  • Security engineers and architects interested in Zero Trust methodologies.
  • Anyone preparing to deploy Cisco Secure Access solutions in their organization.

Workshop Format

  • Hands-On Labs: Interactive, guided exercises in a live dCloud virtual environment.
  • Instructor Support: Direct assistance from proctors and subject matter experts.
  • Individual Access: Each attendee receives their own Secure Access organization and isolated lab environment.

Prerequisites

  • Familiarity with basic networking and security concepts.
  • Prior experience with remote access technologies or Cisco solutions is helpful but not required.
  • Access to a Cisco dCloud account (provided as part of the course).

Why Attend?

This workshop offers a unique, practical opportunity to master Zero Trust Access with Cisco Secure Access in a risk-free, fully supported lab environment. You’ll leave with the confidence and know-how to implement secure, modern access solutions tailored to your organization’s needs.

Event Date 2026-05-05
Event Location Timezone America/New_York
Event Start Time 9:30 AM
Event End Time 12:00 PM
Capacity 8
Registered 6
Available Place 2
Created By Joe Tufano
Location Virtual

We are no longer accepting registrations for this event.