Falcon 280: Investigating with Falcon Forensics is a one-day, two-credit instructor-led course designed for security analysts and threat hunters. It focuses on using Falcon Forensics to collect and analyze on-disk artifacts during host-based investigations. Participants gain hands-on experience navigating forensic dashboards, analyzing Windows hunting leads, conducting timeline investigations, and leveraging host information panels. The course also teaches the use of CrowdStrike Query Language to perform custom investigations, build custom dashboards, and generate forensic reports. A multi-hour capstone project reinforces skills through real-world investigative scenarios.

Join for free to read