Security Event Triage: Statistical Baselining with SIEM Data Integration
|
Log parsing and analysis does not scale well to large data sets. This course will teach you how to perform data analysis and baselining on large data sets to efficiently identify and address threats.
As businesses innovate and make ground-breaking developments in the markets they operate within, successes can become reasons for advanced cyber threats to target your organization. In this course, Security Event Triage: Statistical Baselining with SIEM Data Integration, you will gain the ability to perform detection and analysis of threats at scale. First, you will learn which leg events to look for to identify suspicious activity. Next, you will discover how to pivot between indicators to find the root cause of the incident. Finally, you will explore how to correlate events from multiple sources across your estate to identify the actions on objective of the attacker as well as the impact. When you’re finished with this course, you will have the skills and knowledge of data analysis and baselining needed to detect threats at scale.
Author Name: Cristian Pascariu
Author Description:
Cristian took part in auditing and implementation of infosec capabilities to uplift security posture. He managed codification efforts to extract indicators of compromise and created rules in the scope of defending against new emerging threats. He has also developed tools and scripts to overcome security gaps within the corporate network. Cristian has mentored L1 and L2 analysts to increase triage efficiency and combat new threats. He has experience in the field of Application Security and has pr… more
Table of Contents
- Course Overview
1min - Investigating Security Incidents with the Elastic SIEM
20mins - Detecting Suspicious Network Traffic
21mins - Investigating File-less Malware Attacks
16mins - Performing Behavioral Analysis
17mins - Correlating Related Events
13mins
User Reviews
Be the first to review “Security Event Triage: Statistical Baselining with SIEM Data Integration”
Related Products
Malware Analysis: Identifying and Defeating Code Obfuscation
Malware authors routinely utilize obfuscation techniques to complicate the analysis of their code. This course will teach you techniques for identifying and defeating code obfuscation so that key characteristics and behaviors can be identified.
Pluralsight LIVE 2018: Get Your Geek On (Security)
Safeguard your organization from threats by leveling up your security know-how.
The IT Ops Sessions: Zero Trust Technologies – Designing and Deploying Microsegmentation
In this IT Ops session, you’ll learn to design and deploy microsegmentation throughout your enterprise.
Credential Access with John the Ripper
John the Ripper (JtR) is widely used within red team assessments. Learn how to leverage the powerful capabilities of JtR to crack passwords of various hash types and use JtR within Metasploit.
Using Microsoft Azure Security Tools to Protect AI Solutions
As more and more systems are automated with the use of AI, securing AI solutions is of paramount importance. In this course, you will explore the various facilities Azure offers to secure Azure machine service learning solutions.
Physical Security
Most information security professionals find the domain of physical security to be one of their hardest areas. This course outlines the concepts of physical security and will help you understand physical security requirements and implementation.
There are no reviews yet.