SIEM Admin - Incident Handling Training - SOC Team

Learn about the SIEM tools required in a SOC: HP ArcSight, IBM QRadar, RSA Security Analytics, Splunk and McAfee Nitro

     
Rating: 3.8 | Reviews (108) | ₹999

    This Course Includes

    • Udemy
    • 3.8 (108 reviews)
    • 3h 36m
    • English
    • Online - Self Paced
    • Professional certificate

    About SIEM Admin - Incident Handling Training - SOC Team

    THE MOST DEMANDING SIEM Online Training IS NOW ON UDEMY!

    PHASE 2 - This course familiarizes you with the components, architecture and event life cycle of various SIEM tools, and teaches Splunk administration: log source integration, rule creation, report configuration, dashboard creation, fine-tuning, and the incident handling steps followed by the Security Operations Center team. The course is designed so that any beginner or working professional can learn the event flow, architecture, design and differences of the SIEM tools below:

    1) HP ArcSight
    2) IBM QRadar
    3) RSA Security Analytics
    4) Splunk
    5) McAfee Nitro

    What you will learn after completing this course:

    • What is SIEM
    • SIEM Business Requirement
    • SIEM Architecture of HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Event Life Cycle in SIEM Solution: HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Roles of Different SIEM Components of HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Integration Configuration of Data Sources [Splunk]
    • What is Cyber Kill Chain
    • How to Develop Effective Use Cases in SIEM
    • How to Evaluate a SIEM Tool
    • Building Industry Based Use Cases [Splunk]
    • Alert Creation [Splunk]
    • Event Monitoring [Splunk]
    • Creating Dashboards for Attack Analysis [Splunk]
    • Report Configuration [Splunk]
    • Fine Tuning of Alerts [Splunk]
    • Real World Incident Response Investigation [Splunk]

    Happy Learning!

    What You Will Learn?

    • What is SIEM
    • SIEM Business Requirement
    • Integration Configuration of Data Sources [Splunk]
    • SIEM Architecture of HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Administration and Configuration of Multiple SIEMs (HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro)
    • Roles of Different SIEM Components of HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Event Life Cycle in SIEM Solution: HP ArcSight, IBM QRadar, Splunk, RSA SA & McAfee Nitro
    • Alert Creation [Splunk]
    • Creating Dashboards for Attack Analysis [Splunk]
    • Report Configuration [Splunk]
    • Building Industry Based Use Cases [Splunk]
    • Event Monitoring [Splunk]
    • Fine Tuning of Alerts [Splunk]
    • Real World Incident Response Investigation [Splunk]
    • What is Cyber Kill Chain
    • How to Develop Effective Use Cases in SIEM
    • How to Evaluate a SIEM Tool