English | Size: 380.09 MB
Genre: eLearning
This Course Will Prepare You To:
Deploy the SANS SOF-ELK VM in production environments
Demonstrate ways most SIEMs commonly lag current open source solutions (e.g. SOF-ELK)
Bring students up to speed on SIEM use, architecture, and best practices
Know what type of data sources to collect logs from
Deploy a scalable log solution with multiple ways to retrieve logs
Operationalize ordinary logs into tactical data
Develop methods to handle billions of logs from many disparate data sources
Understand best practice methods for collecting logs
Dig into log manipulation techniques challenging many SIEM solutions
Build out graphs and tables that can be used to detect adversary activities and abnormalities
Combine data into active dashboards that make analyst review more tactical
Utilize adversary techniques against them by using frequency analysis in large data sets
Develop baselines of network activity based on users and devices
Develop baselines of Windows systems with the ability to detect changes from the baseline
Apply multiple forms of analysis such as long tail analysis to find abnormalities
Correlate and combine multiple data sources to achieve more complete understanding
Provide context to standard alerts to help understand and prioritize them
Use log data to establish security control effectiveness
Implement log alerts that create virtual tripwires for early breach detection
https://nitroflare.com/view/424D10A16392C50/SANS-SEC555-Siem-with-Tactical-Analytics-PDF.part1.rar
https://nitroflare.com/view/80C595A5E77A6C8/SANS-SEC555-Siem-with-Tactical-Analytics-PDF.part2.rar
https://rapidgator.net/file/3811ff35703f8e0a6301f0efc807229a/SANS-SEC555-Siem-with-Tactical-Analytics-PDF.part1.rar.html
https://rapidgator.net/file/fe1cff83736aeea1197925a12aeadec9/SANS-SEC555-Siem-with-Tactical-Analytics-PDF.part2.rar.html
If any links die or there is a problem unraring the files, send a request to
https://forms.gle/fiF7GGUsfsJsXbhD7