SIEM Admin - Incident Handing Training - SOC Team

SIEM Admin - Incident Handing Training - SOC Team

THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

PHASE 2 - This course will make you familiar and teach you about various SIEM tools component, architecture, event life cycle and administration part for Splunk for log source integration, rule creation,  report configuration, dashboard creation, fine tuning and Incident Handing steps followed by Security Operation Center Team.

This course is designed is such a way, that any beginner or any working professional can learn the below SIEM tools event flow, architecture, design & difference.

1) HP ArcSight

2) IBM QRadar

3) RSA Security Analytics

4) Splunk

5) McAfee Nitro

What you will learn after completing this course:

• What is the SIEM

• SIEM Business Requirement

• SIEM Architecture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro

• Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro

• Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro

• Integration Configuration of Data sources [Splunk]

• What is Cyber Kill Chain

• How to develop effective USECASE in SIEM

• How to Evaluate a SIEM tool

• Building Industry Based Use Cases [Splunk]

• Alert Creation in [Splunk]

• Event Monitoring [Splunk]

• Creating Dashboards for Attack Analysis [Splunk]

• Report Configuration [Splunk]

• Fine Tuning Of Alerts[Splunk]

• Real World Incident Response Investigation [Splunk]

Happy Learning !

Learn about SIEM tools HP Arcsight, IBM QRadar, RSA Security Analytic, Splunk, McAfee Nitro required for in SOC

Url: View Details

What you will learn

• What is the SIEM
• SIEM Business Requirement
• Integration Configuration of Data sources [Splunk]

Rating: 4.70833

Level: All Levels

Duration: 3.5 hours

Instructor: Vikram Saini