SIEM: Event Management with Splunk Security

Focused View

Nato Riley

52:24

48 View

01 - Introduction

01 - Event management overview.mp4

00:46

02 - Splunks approach to security information and event management (SIEM).mp4

01:01

03 - Introduction to the Splunk Security Essentials app.mp4

02:13

02 - 1. Setting Security Goals

01 - The power of a good goal.mp4

03:08

02 - Prioritize your security goals.mp4

02:35

03 - Create event management to delegate and collaborate.mp4

02:50

04 - Plan a case management strategy.mp4

02:37

05 - How to use regex for custom event filtering.mp4

03:02

06 - How to use GRC as a starting point.mp4

02:03

03 - 2. The Security Information Discovery Process

01 - What is a discovery process.mp4

01:32

02 - How to apply the scientific method to build classifications.mp4

03:14

03 - How to set a hypothesis and run an experiment.mp4

03:31

04 - How to use regex for custom event filtering.mp4

01:40

04 - 3. Build and Report

01 - Implementing successful development tests into production.mp4

02:55

02 - Report and alarm scheduling.mp4

02:01

03 - Using MITRE ATT&CK and Cyber Kill Chain frameworks.mp4

01:28

05 - 4. Auto-Remediate and Advise Action

01 - Determining which events can be automated.mp4

01:39

02 - Incident response, disaster recovery, and executing case management strategies.mp4

03:06

03 - Root cause analysis and why it matters.mp4

02:50

04 - Managing critical events.mp4

01:40

05 - Real-world use cases.mp4

02:33

06 - Conclusion

01 - Putting it all together.mp4

02:07

02 - Test detections.mp4

01:53

Description

Security information and event management (SIEM) helps companies identify risks and threats. Security events are inevitable situations that companies face as they grow, and companies need to be ready with a plan to dramatically reduce the impact of security risks and threats.

In this course, Nato Riley shows you how to master event management with Splunk so you can feel more prepared for security events than ever before. Nato provides you with essential knowledge and principles on how to set achievable security management goals, initiate effective incident discovery processes, and create valuable security reporting. Learn how to handle threats, including ransomware incidents and compromised infrastructure, and make actionable recommendations to improve security outcomes. Join Nato in this course to gain a deeper understanding of how to exert greater control over security outcomes, regardless of the size of your organization.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

CISSP - Certified Information Systems Security Professional

Cyber Security

Network Security

Information Security

Cyber Security Awareness

Nato Riley

Instructor's Courses

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.