Security Information and Event Management
1. Course Introduction - Learn about the overview of SIEM.
2. What is SIEM? Why do we need a SIEM?
3. Basic SIEM components and functions.
4. How does SIEM work? How to analyse and investigate the logs.
5. Rules, use cases and correlation activity.
6. Dashboard Creation - Identifying the attacks, threats and vulnerabilities with high visibility.
7. Common SIEM Tools - QRadar, RSA enVision, McAfee Nitro, ArcSight and Splunk.
8. Log Management in SIEM - Log collection, log processing, log analysis and archiver.
9. User account creation with role profiling.
10. What are the benefits of SIEM solutions?