The Techvids library gives you access to in-depth video tutorials, product demos, and troubleshooting guides to enhance your fundamental cybersecurity knowledge and get the most out of your products.
EDR 3.0 - Live Discover & Response: Caldera
This one is longer and shows how I determined the observable for Caldera then went from writing a query for each technique to having one query for all of them.