ESM 201: NAM Advanced Enterprise Security Manager SIEM

Training Overview

Enterprise Security Manager—the heart of our security information & event management (SIEM) solution—provides near real-time visibility into the activity on all your systems, networks, databases, & applications. This enables you to detect, correlate, & remedy threats in minutes across your entire IT infrastructure. This training prepares Enterprise Security Manager engineers & analysts to understand, communicate, & use the features provided by Enterprise Security Manager. Through demonstration, explanation, & hands-on lab exercises, you will learn how to utilize the Enterprise Security Manager by using recommended best practices & methodologies.

Duration: 4 days

Prerequisites

It is recommended that professionals have a working knowledge of networking & system administration concepts.

Audience Profile

This training is aimed at Enterprise Security Manager users responsible for monitoring activity on systems, networks, databases, & applications, & for configuring & managing the Enterprise Security Manager solution. Attendees should have a working knowledge of networking & system administration concepts, a good understanding of computer security concepts, & a general understanding of networking & application software.

Learning Objectives:

This training focuses on enabling you to do the following: 

  • Configure Auto Learn to listen to incoming events after installing & configuring the SIEM Collector Agent.
  • Describe alarms, build & edit templates, use remote commands, create report queries, & configure notifications.
  • Understand regex & available resources. Discuss handling unknown events & creating custom parsing rules.
  • Research current threats & vulnerabilities. Create use cases from current threats & vulnerabilities.
  • Utilize advanced rule correlation options & deviation-based rule correlation & risk correlation.

Content Outline

  • Welcome
  • Contextual Configurations
  • Advanced Data Source Options
  • Alarms, Actions, Notifications, & Reports
  • Data Streaming Bus
  • Advanced Syslog Parser
  • ESM Tuning & Best Practice
  • Performance Troubleshooting
  • Advanced Correlation
  • Analyst Tasks
  • Use Case Overview
  • Management Directives Use Cases
  • Organizational Policies Use Cases
  • Compliance Use Cases
  • Current Threats & Vulnerabilities Use Cases
  • Incident Identification Use Cases

FAQs

Enterprise Security Management is the process of controlling configuration, deployment, & monitoring of security policy across multiple platforms & security point products. Security problems & threats are a major reason for using ESM across an organization.

Radiant Tech Learning has a data centre containing a virtual training environment for hands-on practice. Professionals can easily access these labs over the cloud through a remote desktop connection. Radiant virtual labs give you the flexibility to learn from anywhere in the world & at any time.

Learners will be enthralled as we engage them in real-world, industry-oriented projects during the training program. These projects will improve your skills & knowledge, & you will gain better experience. These real-time projects will help you a lot in your future tasks & assignments.

You can request a refund if you do not wish to enroll in the training.

Radiant has highly intensive selection criteria for Technology Trainers & Professionals who deliver training programs. Our trainers & professionals undergo rigorous technical & behavioural interview & assessment processes before they are on-boarded in the company.

Our technology experts, trainers, & professionals have in-depth knowledge of the technical subject & are certified by the OEM.

Our training programs are practically oriented, with 70% – 80% hands-on training on technology tools. Our training program focuses on one-on-one interaction with each professional, the latest content in the curriculum, & real-time projects & case studies during the training program.

Our faculty will teach each training from the fundamental level in an easy way, & you are free to ask your faculty about your doubts at any time.

Our trainers have the patience & ability to explain difficult concepts in a simple way, with depth & breadth of knowledge.

To ensure quality learning, we provide a support session even after the training program.
