SIEM Admin - Incident Handing Training - SOC Team

Name: SIEM Admin - Incident Handing Training - SOC Team
Brand: Udemy
SKU: course:2495064
Rating: 3.5 (27 reviews)

Learn about SIEM tools HP Arcsight, IBM QRadar, RSA Security Analytic, Splunk, McAfee Nitro required for in SOC

(27 ratings)

92 students

Created by Vikram Saini

Last updated 12/2020

English

English [Auto]

30-Day Money-Back Guarantee

What you'll learn

What is the SIEM
SIEM Business Requirement
Integration Configuration of Data sources [Splunk]
SIEM Architechture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Administration of Configuration of Multiple SIEM (HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Alert Creation in [Splunk]
Creating Dashboards for Attack Analysis [Splunk]
Report Configuration [Splunk]
Building Industry Based Use Cases [Splunk]
Event Monitoring [Splunk]
Fine Tuning Of Alerts [Splunk]
Real World Incident Response Investigation [Splunk]
What is Cyber Kill Chain
How to develop effective USECASE in SIEM
How to Evaluate a SIEM tool

Requirements

SOC Analyst Training [By Vikram Saini]
Be able to understand the basic of windows and networks

Description

THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

PHASE 2 - This course will make you familiar and teach you about various SIEM tools component, architecture, event life cycle and administration part for Splunk for log source integration, rule creation, report configuration, dashboard creation, fine tuning and Incident Handing steps followed by Security Operation Center Team.

This course is designed is such a way, that any beginner or any working professional can learn the below SIEM tools event flow, architecture, design & difference.

1) HP ArcSight

2) IBM QRadar

3) RSA Security Analytics

4) Splunk

5) McAfee Nitro

What you will learn after completing this course:

What is the SIEM
SIEM Business Requirement
SIEM Architecture of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Event Life Cycle in SIEM Solution HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Roles of Different SIEM Component of HP Arcsight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
Integration Configuration of Data sources [Splunk]
What is Cyber Kill Chain
How to develop effective USECASE in SIEM
How to Evaluate a SIEM tool
Building Industry Based Use Cases [Splunk]
Alert Creation in [Splunk]
Event Monitoring [Splunk]
Creating Dashboards for Attack Analysis [Splunk]
Report Configuration [Splunk]
Fine Tuning Of Alerts[Splunk]
Real World Incident Response Investigation [Splunk]

Happy Learning !

Who this course is for:

College Student looking for Cyber Security Opportunity.
Security Engineer curious about SIEM
SOC Analyst looking for SIEM Administration Training
Network Engineer looking for change in Cyber Security
Sr. SOC Analyst looking for learn multiple SIEM tools

11 sections • 50 lectures • 3h 36m total length

Preview09:42

What is Usecase
02:52
Development Life-cycle for USECASES
00:45
Phase 1 - Requirement for Usecase
00:49
Phase 2 - Data Points for Usecase
01:25
Phase 3 - Log validation for Usecase
01:29
Phase 4 - Design & Phase 5 -Implementation for Usecase
02:52
Phase 6 - Documentation for Usecase
01:04
Phase 7 - Onboarding for Usecase
00:58
Phase 8 - Periodical Updation for Usecase
01:04
Types of Usecases
01:40
Cyber Kill Chain
00:56
Reconnaissance & Weaponization
01:11
Delivery, Exploitation & Installation
01:29
Command and Control & Actions on Objective
00:46
How to Build Effective Usecase - Requirement & Risk
02:30
Build Effective Usecase - Define Alert
03:26
Build Effective Usecase - Priority, Impact & Mapping to Kill Chain
01:43
Build Effective Usecase - Measure Response & Detection
01:44
Build Effective Usecase - Standard Operating Procedures & Tuning Requirement
01:42
Build Effective Usecase - Response Plan and Operational Agreement
02:09
build Effective Usecase - Auditing & Reviewing
02:36
Evaluate SIEM capabilities with the Usecases.
01:56
Failed Authentication - Building Real-World Usecase
06:41
Lecture 44: Malware Identification - Building Real-World Usecase
08:08
Building Industry Based Use Cases [Splunk] - Splunk Fundamentals
07:56
Building Industry Based Use Cases [Splunk] - Splunk Searches
18:56

Vikram Saini

Cyber Security Expert | Threat Hunting | Incident Response

3.5 Instructor Rating
246 Reviews
677 Students
4 Courses

Vikram Saini worked for well-known companies like Dell, Hilton, Moody's and more in MSS SOC. He always likes to help others, to learn and to grow. He is glad to share his knowledge and experience on Udemy which will help others to grow in Cyber Security.

This training is intended for the Freshers & Experience Guys. Who is looking for carrier opportunities in cyber security and for Experienced Guys, this training will enhance the knowledge and skills required to work in Security Operation Center.

This is the first SOC Operation Center training which is provided to become a SOC analyst with a real-world cyber attack with samples of network packet capture.

SIEM Admin - Incident Handing Training - SOC Team

What you'll learn

Requirements

Description

Who this course is for:

Course content

Why SIEM tool required in Cyber Security1 lecture • 10min

SIEM Introduction1 lecture • 8min

SIEM Architecture of HP Arcsight, RSA SA, Splunk, QRadar & Nitro3 lectures • 11min

Event Life Cycle In Various SIEM5 lectures • 6min

Why Integration is required1 lecture • 7min

Installation & Features3 lectures • 11min

Deployment & Configuration of Agent6 lectures • 18min

Usecase Development26 lectures • 1hr 19min

Alert Creation in [Splunk]2 lectures • 29min

Event Monitoring, Dashboard Creation & Fine-Tuning1 lecture • 18min

Instructor