Security Event Triage: Statistical Baselining with SIEM Data Integration

سرفصل های دوره

Log parsing and analysis does not scale well to large data sets. This course will teach you how to perform data analysis and baselining on large data sets to efficiently identify and address threats.

Exercise Files

security-event-triage-baselining-siem-data-integration.zip

Module 1 - Course Overview

1. Course Overview

Module 2 - Investigating Security Incidents with the Elastic SIEM

1. Introduction

2. Addressing InfoSec Challenges with a SIEM

3. Getting Familiar with the Elastic Stack

4. Hands-on with the Elastic SIEM

5. Detecting Persistence through Scheduled Tasks

6. Overview

Module 3 - Detecting Suspicious Network Traffic

1. Introduction

2. Leveraging Network Security Monitoring

3. Identifying Connections to Malicious Domains

4. Detecting Command-and-Control Traffic

5. Analyzing DNS Tunneling

6. Investigating C2 Channels over ICMP

7. Overview

Module 4 - Investigating File-less Malware Attacks

1. Classifying File-less Malware Attacks

2. Investigating Post-exploitation Attacks Based on PowerShell

3. Identifying Lateral Movement

Module 5 - Performing Behavioral Analysis

1. Introduction to Behavioral Analysis

2. Leveraging Sysmon for Endpoint Detection

3. Investigating Post-exploitation Attacks

4. Detecting Advanced Credential Dumping

5. Conclusion

Module 6 - Correlating Related Events

1. Introduction

2. Investigating The Human Resistance (THR) Group Attacks

3. Investigating Republic of Strashnakovia (ROS) Group Attacks

4. Conclusion

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight