ArcSight SIEM - A Step-by-Step BootCamp

Tackle cyber threats in real time by using powerful, scalable, and efficient SIEM security software.

Ratings 3.81 / 5.00
What You Will Learn!

  • Security Information and Event Management
  • SIEM
  • Micro Focus ArcSight SIEM
  • Micro Focus ArcSight Enterprise Security Manager (ESM)
  • Micro Focus ArcSight Data Platform (ADP)
  • Micro Focus ArcSight SmartConnector
  • Hands-on
  • Use Cases
  • The course was originally published on 2nd Jan 2020 with 32 videos, and more videos have been added since then to cover more topics

Description

Do you want to enter the SIEM field?

Do you want to learn one of the leading SIEM technologies?

Do you want to understand the concepts and gain hands-on experience with Micro Focus ArcSight SIEM?

Then this course is designed for you.

Through baby steps, you will learn Micro Focus ArcSight SIEM.


A new section has been added for ArcSight Logger that includes:

  • Micro Focus ArcSight Logger Installation (4 lectures)

  • Micro Focus ArcSight Logger GUI Demystified

  • Ingesting Data in Logger and Creating Dashboards (2 lectures)


The course covers the following lessons:


  • Import Brute Force package from ArcSight marketplace

  • Import Sysmon package from ArcSight marketplace

  • What is SIEM

  • ArcSight SIEM

  • ESM Enables Situational Awareness

  • ESM Anatomy

  • SmartConnectors

  • ArcSight Manager & CORR-Engine Storage

  • User Interfaces & Use Cases

  • Interactive Discovery & Pattern Discovery

  • ESM on an Appliance & Logger & ArcSight Solutions

  • Life Cycle of an Event Through ESM

  • Data Collection and Event Processing - Collect & Normalize Event Data

  • Data Collection and Event Processing - Apply Event Categories

  • Data Collection and Event Processing - Look up Customer and Zone in Network Model

  • Data Collection and Event Processing - Filter and Aggregate Events & Managing SmartConnector Configurations

  • Priority Evaluation and Network Model Lookup

  • Workflow

  • Correlation Evaluation - Correlation Overview & Filters & Rules

  • Correlation Evaluation - How Rules are Evaluated & How Rules Use Active & Session Lists

  • Correlation Evaluation - Data Monitors

  • Correlation Evaluation - How Correlation Uses Local and Global Variables & Velocity Templates

  • Correlation Evaluation - Event Types

  • Fixing Time of Log Source

  • Forgotten ESM Account Password and Disabled Account

Who Should Attend!

  • Network Security Specialists & Administrators
  • SOC Operators & Analysts
  • Information Security Specialists

Tags

  • Cyber Security
  • Security Information and Event Management (SIEM)

Subscribers

860

Lectures

52
