در حال بارگذاری
24 ژانویه 2021
دوره آموزشی
22 گیگابایت

SEC555: SIEM with Tactical Analytics

SEC555 [ PDF= 2017 Video = 2018 USB = 2017 ]

Many organizations have logging capabilities but lack the people and processes to analyze them. In addition, logging systems collect vast amounts of data from a variety of data sources which require an understanding of the sources for proper analysis. This class is designed to provide training, methods, and processes for enhancing existing logging solutions. This class will also provide the understanding of the when, what, and why behind the logs. This is a lab-heavy course that utilizes SOF-ELK, a SANS-sponsored free SIEM solution, to train hands-on experience and provide the mindset for large-scale data analysis.

Syllabus SEC555
SEC555.1: SIEM Architecture
SEC555.2: Service Profiling with SIEM
SEC555.3: Advanced Endpoint Analytics
SEC555.4: Baselining and User Behavior Monitoring
SEC555.5: Tactical SIEM Detection and Post-Mortem Analysis
SEC555.6: Capstone: Design, Detect, Defend