Using Splunk Enterprise Security

Course code: SPLUNKUES


This 13.5-hour course prepares security practitioners to use Splunk Enterprise Security (ES). Students identify and track incidents, analyze security risks, use predictive analytics, and discover threats.


Course dates

Start date: Individual

Format: In-person/Virtual

Course length: 3 days

Language: en/cz

Price excluding VAT: 36 900 Kč


Course structure


Module 1 – Getting Started with ES

  • Describe the features and capabilities of Splunk Enterprise Security (ES)
  • Explain how ES helps security practitioners prevent, detect, and respond to threats
  • Describe correlation searches, data models and notable events
  • Describe user roles in ES
  • Log into Splunk Web and access Splunk for Enterprise Security

Module 2 – Security Monitoring and Incident Investigation

  • Use the Security Posture dashboard to monitor ES status
  • Use the Incident Review dashboard to investigate notable events
  • Take ownership of an incident and move it through the investigation workflow
  • Use adaptive response actions during incident investigation
  • Create notable events
  • Suppress notable events

Module 3 – Risk-Based Alerting

  • Give an overview of Risk-Based Alerting
  • View Risk Notables and risk information on the Incident Review dashboard
  • Explain risk scores and how to change an object’s risk score
  • Review the Risk Analysis dashboard
  • Describe annotations
  • Describe the process for retrieving LDAP data for an asset or identity lookup

Module 4 – Investigations

  • Use investigations to manage incident response activity
  • Use the investigation Workbench to manage, visualize and coordinate incident investigations
  • Add various items to investigations (notes, action history, collaborators, events, assets, identities, files and URLs)
  • Use investigation timelines, lists and summaries to document and review breach analysis and mitigation efforts

Module 5 – Using Security Domain Dashboard

  • Use ES to inspect events containing information relevant to active or past incident investigation
  • Identify security domains in ES
  • Use ES security domain dashboards
  • Launch security domain dashboards from Incident Review and from action menus in search results

Module 6 – Web Intelligence

  • Use the web intelligence dashboards to analyze your network environment
  • Filter and highlight events

Module 7 – User Intelligence

  • Evaluate the level of insider threat with the user activity and access anomaly dashboards
  • Understand asset and identity concepts
  • Use the Asset and Identity Investigator to analyze events
  • Use the session center for identity resolution
  • Discuss Splunk User Behavior Analytics (UBA) integration

Module 8 – Threat Intelligence

  • Give an overview of the Threat Intelligence framework and how threat intel is configured in ES
  • Use the Threat Activity dashboard to see which threat sources are interacting with your environment
  • Use the Threat Artifacts dashboard to examine the status of threat intelligence information in your environment

Module 9 – Protocol Intelligence

  • Explain how network data is input into Splunk events
  • Describe Stream events
  • Give an overview of the Protocol intelligence dashboards and how they can be used to analyze network data

Prerequisites


  • Splunk Fundamentals 1
  • Splunk Fundamentals 2


Follow-up courses

All courses listed are from the vendor Splunk, in the area Big Data. Prices are starting prices, excluding VAT.

  • Free Splunk Fundamentals 1 (en): 0 Kč
  • Free Splunk User Behavior Analytics (en): 0 Kč
  • Advanced Searching and Reporting (en): 36 900 Kč
  • Splunk Infrastructure Overview (en): 0 Kč
  • Splunk for Analytics and Data Science (en/cz): 36 900 Kč
  • Creating Dashboards with Splunk (en/cz): 34 900 Kč
  • Splunk Cluster Administration (en/cz): 36 900 Kč
  • Splunk Enterprise Data Administration (en/cz): 36 900 Kč
  • Troubleshooting Splunk Enterprise (en/cz): 24 600 Kč
  • Working with Metrics in Splunk (en): 34 900 Kč
  • Implementing Splunk Data Stream Processor (DSP) (en/cz): 54 900 Kč
  • Splunk Cloud Administration (en/cz): 34 900 Kč
  • Transitioning to Splunk Cloud (en/cz): 12 900 Kč
  • Splunk Enterprise System Administration (en/cz): 24 600 Kč
  • Advanced Dashboards and Visualizations (en): 36 900 Kč
  • Building Splunk Apps (en/cz): 36 900 Kč
  • Developing with Splunk’s REST API (en/cz): 34 900 Kč
  • Administering Phantom (en): 34 900 Kč
  • Developing SOAR Playbooks (en/cz): 34 900 Kč
  • Advanced Phantom Implementation (en): 36 900 Kč
  • Administering Splunk Enterprise Security (en/cz): 36 900 Kč
  • Using Splunk IT Service Intelligence (en): 12 900 Kč
  • Implementing Splunk IT Service Intelligence (en/cz): 49 200 Kč
  • Implementing Splunk SmartStore (en): 12 900 Kč
  • Using Splunk Infrastructure Monitoring (en/cz): 34 900 Kč
  • Kubernetes Monitoring with Splunk (en): 12 900 Kč
  • Automation Using the REST and SignalFlow APIs (en/cz): 34 900 Kč
  • Using the Splunk Terraform Provider (en): 34 900 Kč
