rozšířené vyhledávání
Máte nějaké otázky?
+420 731 175 867 (Po-Pá: 09-17hod.)
CZ
0 Košík

2-7329 – ArcSight Recon Analyst

Kód kurzu: OT27329

This course offers a comprehensive, hands-on introduction to ArcSight Recon for security analysts and threat hunters. It focuses on event search and reporting capabilities, hunting threats, and outlier detection.

Highlights:

  • Create search queries using ArcSight schema fields, keywords, field sets, search operators, and hashtags.
  • Use default content reports and dashboards to analyze events of interest, including MITRE ATT&CK content.
  • Create reports and dashboards using data worksheets from scratch.
  • Analyze event data using Recon tools in sample scenarios, such as uncovering ex-employee threats and detecting Log4j vulnerability.
  • Use Recon tools to analyze historical events and identify undetected threats in a sample unstructured threat-hunting scenario.
  • Build and score the outlier model and explain outlier’s analytics charts.
84 000 Kč

101 640 Kč s DPH

Nejbližší termín od 22.06.2026

Výběr termínů
onas
Máte dotaz?
+420 731 175 867 edu@edutrainings.cz

Odborní
certifikovaní lektoři

Mezinárodně
uznávané certifikace

Široká nabídka technických
a soft skills kurzů

Zobrazit soft skills kurzy

Skvělý zákaznický
servis

Přizpůsobení kurzů
přesně na míru

Termíny kurzu

Počáteční datum: 22.06.2026

Místo konání: Praha

Forma: Prezenční

Délka kurzu: 4 dny

Jazyk: en

Cena bez DPH: 84 000 Kč

Registrovat

Počáteční datum: 19.10.2026

Místo konání: Praha

Forma: Prezenční

Délka kurzu: 4 dny

Jazyk: en

Cena bez DPH: 84 000 Kč

Registrovat

Počáteční datum: Na vyžádání

Forma: Prezenční/Virtuální

Délka kurzu: 4 dny

Jazyk: en/cz

Cena bez DPH: 84 000 Kč

Registrovat

Počáteční
datum		 Místo
konání		 Forma Délka
kurzu		 Jazyk Cena bez DPH
22.06.2026 Praha Prezenční 4 dny en 84 000 Kč Registrovat
19.10.2026 Praha Prezenční 4 dny en 84 000 Kč Registrovat
Na vyžádání Prezenční/Virtuální 4 dny en/cz 84 000 Kč Registrovat
G Garantovaný kurz

Nenašli jste vhodný termín?

Napište nám o vypsání alternativního termínu na míru.

Kontakt

Popis kurzu

As a learner, you will begin by exploring event search and reporting features using Recon’s default content to get familiar with the interface and its core functionalities. As the course progresses, you will engage in hands-on exercises to build more advanced event searches, reports, and dashboards from the ground up.

You will also analyze security events tied to specific use cases, such as detecting threats from former employees, investigating the Log4j vulnerability, and uncovering insider threats related to data exfiltration. By applying your knowledge of Recon, you will examine these scenarios to identify targets, indicators of compromise (IoCs), and potential attackers.

This course is ideal for security analysts who want to enhance their threat detection and investigation capabilities by leveraging ArcSight Recon’s event search, reporting, and dashboarding features to identify anomalies, uncover threats, and support proactive security operations.

Struktura kurzu

On completion of this course, participants should be able to:

  • Investigate events using Recon Search tools and Scheduled event searches.
  • Explain the usage of Search resources such as Field Sets, Filters, and Operators.
  • Describe, access, create and use Reports and Dashboards.
  • Describe and use the default Cloud Security Dashboards and Reports.
  • Implement Dashboards with Parabox Charts (known as parallel box plots charts).
  • Describe and use the default MITRE ATT&CK Dashboards and Reports.
  • Describe Threat Hunting types: unstructured and structured
  • Create custom Search Queries, Reports and Dashboards to analyze event data using sample scenarios.
  • Define Outliers Models and identify suspicious sources using Recon Analytics charts.

Předpokládané znalosti

To be successful in this course, you should have the following prerequisites or knowledge:

  • Familiar with Boolean logic operators and ArcSight Schema groups and fields.
  • Basic understanding of Command Shell in Windows and Linux, and familiarity with SIEM concepts

Potřebujete poradit nebo upravit kurz na míru?

onas

produktová podpora

+420 731 175 867

edu@edutrainings.cz

Platební brána ComGate Logo MasterCard Logo Visa