Elastic Security Analytics Training

Classroom Enterprise Certification Training

Elastic Security Analytics is designed for analysts that currently use, or are interested in using, the Elastic Stack for security event collection and analytics. As you learn about these data sources, we will mix in instruction on the various components of Kibana, including basic discovery, visualizations and dashboards, and advanced components like Graph and machine learning.

  • Certified Trainer

  • Authorized Courseware

  • Completion Certificate from ATP

  • Enterprise Reporting

  • Lifetime Access

  • CloudLabs

  • 24x7 Support

  • Real-time code analysis and feedback

What is Elastic Security Analytics Certification Training about?

Elastic Security Analytics training uses authorized course content developed by Elastic and is delivered by an Elastic Certified Instructor. This instructor-led course is designed for analysts that currently use, or are interested in using, the Elastic Stack for security event collection and analytics. You will start with an overview of the Elastic Stack, exploring the various components and some of the use cases they can serve. The remainder of this course will take an in-depth look at several security-related data sources and how to gain value from them with the Elastic Stack. As you learn about these data sources, we will mix in instruction on the various components of Kibana, including basic discovery, visualizations and dashboards, and advanced components like Graph and machine learning.

What are the objectives of Elastic Security Analytics Certification Training?

After completing each module, you will apply what you have learned in a series of hands-on labs. By the end of the training, you will be able to use the Elastic Stack to analyze the data sources from your network and various systems in order to paint a more complete security picture.

Topics Covered

  • Introduction to the Elastic Stack
  • Threat Detection
  • Bro Basics
  • Suricata IDS
  • Windows Host Data
  • Linux Host Data
  • Enriching Host Data
  • Guided Hunt
  • Course Details
  • Audience


Who is Elastic Security Analytics Certification Training for?

  • Security analysts who are researching, building, or leveraging search and analytics solutions using the Elastic Stack

What are the prerequisites for Elastic Security Analytics Certification Training?

  • No prior knowledge of the Elastic Stack required

Requirements

  • Stable internet connection
  • Mac, Linux, or Windows
  • A modern web browser

Available Training Modes

Classroom Training

3 Days

Course Outline

  • Introduction to the Elastic Stack
  • Learn about the products that make up the Elastic Stack and when you might choose one tool vs. another.
  • Review common approaches to threat hunting and learn about how the tools in the Elastic Stack can help complement these proven methods.
  • Understand what Bro data is, how to capture it, and leverage it for security operations.
  • Hands-On Lab: Explore Bro data from the command line and move to analyzing the same dataset using Kibana.
  • Suricata is a popular Intrusion Detection System (IDS). Learn how to analyze the alerts and flow data that it can provide.
  • Hands-On Lab: Analyze alerts and flow data generated from Suricata.
  • Windows Host Data
  • Learn all about how Windows stores event logs and how to use the Elastic Stack to centralize and search them.
  • Hands-On Lab: Analyze Windows host logs that have been collected using Winlogbeat.
  • Review common log collection points within Linux operating systems and how to analyze them for threats using the Elastic Stack.
  • Hands-On Lab: Analyze a variety of Linux host logs that have been collected using Filebeat and Auditbeat.
  • Gain insight into common approaches for enriching host data, both pre- and post-collection. This will be a high-level overview of the approaches available.
  • Hands-On Lab: Analyze Windows host logs that have been enriched using Sysmon.
  • Spend a full day applying the concepts that you have learned in class. This is designed to be very hands-on and flexible to the needs and desires of the students.
  • The typical flow is to spend 30 minutes looking for anomalies in the data and then regroup and review as a class what everyone has found.

Who is the instructor for this training?

Elastic Security Analytics Training will be delivered by an Elastic Certified Instructor with extensive domain experience, including years of experience training and mentoring professionals in the industry.


Elastic Security Analytics Certification Training - Certification & Exam

SpringPeople is an Authorized Training Partner of Elastic.


You will receive an email 48 hours prior to the start of the course with detailed instructions on how to access/download materials on our training portal. Materials will be available for two months and are accessible through training@elastic.co.

After completion of the training, you will have the content available on your dashboard under My Learning for up to 2 months.

You will receive a certificate of completion once the course is completed; an automated email will be sent with a link and instructions on how to download your certificate. You can also log into training.elastic.co to download a copy.
