SIEM - Incident Response Training (Learn From Scratch)
3.2 (11 ratings)
23 students enrolled

Learn about the SIEM tools HP ArcSight, IBM QRadar, RSA Security Analytics, Splunk and McAfee Nitro, as required in a SOC
Created by Vikram Saini
Last updated 9/2019
English
English [Auto-generated]
Price: $99.99
This course includes
  • 2 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • What is the SIEM
  • SIEM Business Requirement
  • Integration of Different Data Source to SIEM
  • SIEM Architecture
  • Administration and Configuration of Multiple SIEMs (HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
  • Roles of Different SIEM Component
  • Event Life Cycle in SIEM Solution
  • Alert Creation
  • Creating Dashboards for Attack Analysis
  • Report Configuration
  • Building Industry-Based Use Cases
  • Event Monitoring
  • Fine Tuning Of Alerts
Requirements
  • Be able to understand the basics of Windows and networks
Description

THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

Interested in learning SIEM tools from different vendors in one shot? Then this course is for YOU.

This course is designed in such a way that any beginner or working professional can learn the SIEM tools below from scratch efficiently.

1) HP ArcSight

2) IBM QRadar

3) RSA Security Analytics

4) Splunk

5) McAfee Nitro


- What is a SIEM tool

- What are the components and architecture of multiple SIEM tools

- Learn how to install an agent into the Endpoint Machine.

- What are the important logs required to configure

- How to configure network devices

- What is the Usecase Life Cycle

- What is Cyber Kill Chain

- How to develop an effective Usecase in a SIEM

- How to Evaluate a SIEM tool


***************************************************

NOTE: We will keep adding more content to our training.

***************************************************

Happy Learning!

Who this course is for:
  • College Student looking for Cyber Security Opportunity.
  • Security Engineer curious about SIEM
  • SOC Analyst looking for SIEM Administration Training
  • Network Engineer looking for a change to Cyber Security
  • Sr. SOC Analyst looking to learn multiple SIEM tools
Course content
42 lectures 01:47:20
+ SIEM Architecture of HP Arcsight, RSA SA, Splunk, QRadar & Nitro
3 lectures 11:13
SIEM Architecture - Receiver Component.
03:42
SIEM Architecture - Manager Component
02:58
SIEM Architecture - Logger Component
04:33
+ Event Life Cycle In Various SIEM
5 lectures 05:39
HP Arcsight Architecture
02:09
RSA SA Architecture
01:37
IBM Architecture
00:26
Splunk Architecture
00:39
McAfee Architecture
00:48
+ Why Integration is required
1 lecture 06:53
Why Integration is required
06:53
+ Installation & Features
3 lectures 10:37
Types of SIEM Installation
02:45
SIEM Installation
03:56
SIEM Features
03:56
+ Deployment & Configuration of Agent
6 lectures 18:08
Installation of Agent in Windows Machine
03:05
Integration & Configuration of Agent in Windows Machine
04:42
Installation of Agent in Linux Machine
02:43
Integration & Configuration of Agent in Linux Machine
02:52
Configuration of Sys-logging in SIEM
03:12
Integration of Network Device
01:34
+ Usecase Development
22 lectures 37:06
What is Usecase
02:52
Development Life-cycle for USECASES
00:45
Phase 1 - Requirement for Usecase
00:49
Phase 2 - Data Points for Usecase
01:25
Phase 3 - Log validation for Usecase
01:29
Phase 4 - Design & Phase 5 - Implementation for Usecase
02:52
Phase 6 - Documentation for Usecase
01:04
Phase 7 - Onboarding for Usecase
00:58
Phase 8 - Periodical Updation for Usecase
01:04
Types of Usecases
01:40
Cyber Kill Chain
00:56
Reconnaissance & Weaponization
01:11
Delivery, Exploitation & Installation
01:29
Command and Control & Actions on Objective
00:46
How to Build Effective Usecase - Requirement & Risk
02:30
Build Effective Usecase - Define Alert
03:26
Build Effective Usecase - Priority, Impact & Mapping to Kill Chain
01:43
Build Effective Usecase - Measure Response & Detection
01:44
Build Effective Usecase - Standard Operating Procedures & Tuning Requirement
01:42
Build Effective Usecase - Response Plan and Operational Agreement
02:09
Build Effective Usecase - Auditing & Reviewing
02:36
Evaluate SIEM capabilities with the Usecases.
01:56