
SIEM: Event Management with Splunk Security

Course outline

Security information and event management (SIEM) helps companies identify risks and threats. Security events are inevitable situations that companies face as they grow, and companies need to be ready with a plan to dramatically reduce the impact of security risks and threats.

In this course, Nato Riley shows you how to master event management with Splunk so you can feel more prepared for security events than ever before. Nato provides you with essential knowledge and principles on how to set achievable security management goals, initiate effective incident discovery processes, and create valuable security reporting. Learn how to handle threats, including ransomware incidents and compromised infrastructure, and make actionable recommendations to improve security outcomes. Join Nato in this course to gain a deeper understanding of how to exert greater control over security outcomes, regardless of the size of your organization.


01 - Introduction
  • 01 - Event management overview
  • 02 - Splunk's approach to security information and event management (SIEM)
  • 03 - Introduction to the Splunk Security Essentials app

02 - 1. Setting Security Goals
  • 01 - The power of a good goal
  • 02 - Prioritize your security goals
  • 03 - Create event management to delegate and collaborate
  • 04 - Plan a case management strategy
  • 05 - How to use regex for custom event filtering
  • 06 - How to use GRC as a starting point

03 - 2. The Security Information Discovery Process
  • 01 - What is a discovery process
  • 02 - How to apply the scientific method to build classifications
  • 03 - How to set a hypothesis and run an experiment
  • 04 - How to use regex for custom event filtering

04 - 3. Build and Report
  • 01 - Implementing successful development tests into production
  • 02 - Report and alarm scheduling
  • 03 - Using MITRE ATT&CK and Cyber Kill Chain frameworks

05 - 4. Auto-Remediate and Advise Action
  • 01 - Determining which events can be automated
  • 02 - Incident response, disaster recovery, and executing case management strategies
  • 03 - Root cause analysis and why it matters
  • 04 - Managing critical events
  • 05 - Real-world use cases

06 - Conclusion
  • 01 - Putting it all together
  • 02 - Test detections

Price: 139,000 Toman
ID: 24132
Size: 142 MB
Duration: 53 minutes
Publication date: 12 Azar 1402