Name: SIEM Admin - Incident Handing Training - SOC Team
Rating: 4.3 (114 reviews)

Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Created byVikram Saini

Last updated 8/2023

English

What you'll learn

What is the SIEM
SIEM Business Requirement
Integration Configuration of Data sources [Splunk]
SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Alert Creation in [Splunk]
Creating Dashboards for Attack Analysis [Splunk]
Report Configuration [Splunk]
Building Industry Based Use Cases [Splunk]
Event Monitoring [Splunk]
Fine Tuning Of Alerts [Splunk]
Real World Incident Response Investigation [Splunk]
What is Cyber Kill Chain
How to develop effective USECASE in SIEM
How to Evaluate a SIEM tool

Course content

11 sections • 50 lectures • 3h 36m total length

Why Cyber Security Required and What is the Primary tool used in monitoring.9:42

Integration & Configuration of Agent in Linux Machine2:52
What is Usecase2:52
Development Life-cycle for USECASES0:45
Phase 1 - Requirement for Usecase0:49
Phase 2 - Data Points for Usecase1:25
Identify data points and sources for use cases by collecting authentication and authorization logs from entry points, including Active Directory, Linux, and third-party apps.
Phase 3 - Log validation for Usecase1:29
Validate logs from field data sources, ensuring user name, IP address, station name, and machine line are captured; verify local and VPN authentication for secure remote access.
Phase 4 - Design & Phase 5 -Implementation for Usecase2:52
Phase 6 - Documentation for Usecase1:04
Phase 7 - Onboarding for Usecase0:58
Phase 8 - Periodical Updation for Usecase1:04
Types of Usecases1:40
Cyber Kill Chain0:56
Reconnaissance & Weaponization1:11
Explore how reconnaissance targets by collecting information on IPs, domains, operating systems, applications, and company accounts, then weaponize with remote administration tools to infect and exploit vulnerabilities.
Delivery, Exploitation & Installation1:29
Command and Control & Actions on Objective0:46
How to Build Effective Usecase - Requirement & Risk2:30
Build Effective Usecase - Define Alert3:26
Build Effective Usecase - Priority, Impact & Mapping to Kill Chain1:43
Build Effective Usecase - Measure Response & Detection1:44
Build Effective Usecase - Standard Operating Procedures & Tuning Requirement1:42
Build Effective Usecase - Response Plan and Operational Agreement2:09
build Effective Usecase - Auditing & Reviewing2:36
Evaluate SIEM capabilities with the Usecases.1:56
Failed Authentication - Building Real-World Usecase6:41
Lecture 44: Malware Identification - Building Real-World Usecase8:08
Building Industry Based Use Cases [Splunk] - Splunk Fundamentals7:56
Building Industry Based Use Cases [Splunk] - Splunk Searches18:56

Requirements

SOC Analyst Training [By Vikram Saini]
Be able to understand the basic of windows and networks

Description

THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

PHASE 2 - This course will make you familiar and teach you about various SIEM tools component, architecture, event life cycle and administration part for Splunk for log source integration, rule creation, report configuration, dashboard creation, fine tuning and Incident Handing steps followed by Security Operation Center Team.

This course is designed is such a way, that any beginner or any working professional can learn the below SIEM tools event flow, architecture, design & difference.

1) HP ArcSight

2) IBM QRadar

3) RSA Security Analytics

4) Splunk

5) McAfee Nitro

What you will learn after completing this course:

What is the SIEM
SIEM Business Requirement
SIEM Architecture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Integration Configuration of Data sources [Splunk]
What is Cyber Kill Chain
How to develop effective USECASE in SIEM
How to Evaluate a SIEM tool
Building Industry Based Use Cases [Splunk]
Alert Creation in [Splunk]
Event Monitoring [Splunk]
Creating Dashboards for Attack Analysis [Splunk]
Report Configuration [Splunk]
Fine Tuning Of Alerts[Splunk]
Real World Incident Response Investigation [Splunk]

Happy Learning !

Who this course is for:

College Student looking for Cyber Security Opportunity.
Security Engineer curious about SIEM
SOC Analyst looking for SIEM Administration Training
Network Engineer looking for change in Cyber Security
Sr. SOC Analyst looking for learn multiple SIEM tools

What you'll learn

Explore related topics

Course content

Why SIEM tool required in Cyber Security1 lecture • 10min

SIEM Introduction1 lecture • 8min

SIEM Architecture of HP Arcsight, RSA SA, Splunk, QRadar & Nitro3 lectures • 11min

Event Life Cycle In Various SIEM5 lectures • 6min

Why Integration is required1 lecture • 7min

Installation & Features3 lectures • 11min

Deployment & Configuration of Agent5 lectures • 15min

Usecase Development27 lectures • 1hr 22min

Alert Creation in [Splunk]2 lectures • 29min

Event Monitoring, Dashboard Creation & Fine-Tuning1 lecture • 18min

Requirements

Description

Who this course is for: