SEC555: SIEM with Tactical Analytics
Deploy a scalable logs solution with multiple ways to retrieve logs
Operationalise ordinary logs into tactical data
Build out graphs and tables that can be used to detect adversary activities and abnormalities
Deploy the SANS SOF-ELK VM in production environments, and demonstrate the ways in which most commercial SIEMs commonly lag behind current open source solutions such as SOF-ELK
Develop methods to handle billions of logs from many disparate data sources, and dig into the log manipulation techniques that challenge many SIEM solutions
Overview
Off the shelf (OTS)
Many organisations have logging capabilities but lack the people and processes to analyse what they collect. In addition, logging systems gather vast amounts of data from a variety of sources, and proper analysis requires an understanding of each of those sources.
This class is designed to provide training, methods and processes for enhancing existing logging solutions. It will also give you an understanding of the when, what and why behind the logs. This is a lab-heavy course that uses SOF-ELK, a SANS-sponsored free SIEM solution, to provide hands-on experience and the mindset needed for large-scale data analysis.
Delivery method
Face to face
Virtual
Digital
Course duration
48-51 hours
Competency level
Working