Elastic Endpoint Security Triage and Response


Course Summary

Not every attack is the same, which is why Elastic Endpoint Security gives you detailed explanations for each type of threat and the capability to respond accordingly. This instructor-led course focuses on endpoint detection and response workflows. You will learn how to use alert management tools to respond to malicious actions as well as how to hunt for advanced adversary tradecraft. After completing this course, you will be able to triage and respond to advanced threats, as well as hunt them down in your environment.

Topics Covered

  • Triage and tune
  • Alert management
  • Detection and response
  • Hunting malicious activity
  • Advanced tradecraft analytics

Course Details


Security analysts who are responsible for hunting and alert triage


Classroom - 2 days | 8 hours per day
Virtual - 4 days | 4 hours per day

Upcoming Classes

This course is only offered privately. Please contact your sales representative or email us at sales@elastic.co to schedule a training.


  • Familiarity with Linux and Windows operating systems
  • Basic understanding of cyber security concepts and terms


  • Mac, Linux, or Windows
  • Stable internet connection (virtual classroom)
  • Latest version of Chrome or Firefox (other browsers not supported)
  • Disable any ad blockers and restart your browser before class