RSA Certified Security Analytics for Analysts Training

Live Online & Classroom Certification Training

Security Analytics for Analysts Training guides the analyst through the process, providing hands-on practice with analysis techniques, such as deploying external sources, creating custom feeds, creating rules to filter data, and reporting and alerting.

(4.7) 155 Learners
Instructed by SPRINGPEOPLE

No Public/Open-house class on the topic scheduled at the moment!

Course Description


This course provides a roadmap for using RSA Security Analytics for intelligence-driven analysis. The course guides the analyst through the process, providing hands-on practice with analysis techniques such as deploying external sources, creating custom feeds, creating rules to filter data, and reporting and alerting. Malware analysis and parsers are also covered, as well as methodologies and best practices for optimal results. The course provides practice with packets and logs.


At the end of the Security Analytics for Analysts training course, participants will learn to:

  • Describe the Security Analytics architecture and components
  • Describe and customize the Security Analytics User Interface
  • Articulate the intelligence-driven process
  • Describe the features and functions of the Investigation Module
  • Access Live resources to enrich the data
  • Create and deploy custom feeds and create new metadata
  • Filter data for investigation using rules and custom actions
  • Automate analysis using alerts and reports
  • Communicate results using reports and charts
  • Describe the process for generating new intelligence
  • Create and implement parsers
  • Describe the features and functions of the Malware module
  • Analyze malware using the Investigation module
  • Investigate potential security issues based on specific use cases

Suggested Audience -

Security analysts who are new to RSA Security Analytics and are responsible for incident identification and response. Security analysts who need a basic understanding of the methodologies associated with malware investigations and are utilizing RSA Security Analytics to support them in executing their role.

Duration - 5 Days


Participants should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise data networking and communications is required. Programming language experience is helpful. Basic knowledge of the TCP/IP protocol stack is useful.

Course Curriculum

  • Enterprise security evolution
  • Intelligence-Driven roadmap
  • Security Analytics Architecture and components - Appliances - Logs and packets - Data processing
  • Licensing
  • RSA Security Analytics data - Packets, sessions, logs and resources - Data process flow - Data sources
  • RSA Security Analytics User Interface
  • Customizing the User Interface
  • Obtaining data - Where to collect - Best practices - Full packet capture
  • Investigation module navigation options
  • Configuring devices for investigation
  • Common use cases
  • Basic analysis techniques
  • Defining and refining sources
  • Live content
  • Accessing and deploying source data using Live subscriptions
  • Accessing sources for logs
  • Adding custom feeds
  • Adding custom metadata
  • Creating an intelligence-driven methodology
  • Filtering methodology
  • RSA Security Analytics filtering tools
  • Performing analysis using filtering tools and techniques
  • Using reports for communication, validation and investigation
  • Role based access control
  • Charts
  • Creating reports for Compliance
  • Creating reports to monitor the environment
  • Creating alerts for automated analysis
  • Generating new intelligence
  • Sample use cases for automating analysis
  • Introduction to parsers
  • Creating content using parsers
  • Packet parser structure and syntax
  • Creating content using Log parsers
  • Creating content using Lua parsers
  • Basic Lua concepts
  • Stages of the network forensics process
  • Forensics analysis
  • Malware analysis module
  • Malware analysis techniques - Event processing - Session analysis - Static analysis - Community analysis - Sandbox
  • Use case examples - Zero day attack - Malware evades sandbox - Malware defended by antivirus


SpringPeople works with top industry experts to identify the leading certification bodies on different technologies - which are well respected in the industry and globally accepted as clear evidence of a professional’s “proven” expertise in the technology. As such, these certifications are a high value-add to CVs and can give a massive boost to professionals in their career/professional growth.

Our certification courses are fully aligned to these high-profile certification exams; at the end of the course, participants will have detailed knowledge, be eligible and be fully ready to take up these certification exams and pass with flying colours.



SpringPeople Corporate Learning Center

About the Instructor

Founded in 2009, SpringPeople is a global premier eLearning marketplace for Online Live, Instructor-led classes in the region. It is a certified training delivery partner of leading technology creators, namely Pivotal, Elastic, Lightbend, EMC, VMware, MuleSoft, RSA, and...

Course Rating and Reviews



SPRINGPEOPLE SpringPeople Trainer

Richa Sinha

Course Material:
Class Experience:
There should be an inclusion of the best practices.

SPRINGPEOPLE SpringPeople Trainer

Lohith MV

Tech Lead
Pramata Knowledge Solutions
Course Material:
Class Experience:
I felt the course went a little slow; we should have covered more topics.

SPRINGPEOPLE SpringPeople Trainer

Madhav NV

Product Manager
Sonata Software
Course Material:
Class Experience:

This class is intended for participants who have some prior exposure to the technology and are now looking to build up their expertise on the topic.

On successful completion of the course, participants will be eligible to sit for the related certification exam (see course overview). All participants receive a course completion certificate, demonstrating their expertise on the subject.

Total duration of the online, live instructor led sessions. Sessions are typically delivered as short lectures (2-hrs weekdays/3-hrs weekends) and detailed hands-on guidance.

Expected offline lab work hours that participants will need to complete and submit to the trainer, during and after the instructor-led online sessions.

  1. We are happy to refund full fee paid - no questions asked - should you feel that the training is not up to your expectations.
  2. Our dedicated team of expert training enablement advisors are available on email, phone and chat to assist you with your queries.
  3. All courseware, including session recordings, will always be available for you to access for future reference and rework.

Contact Us

1800-313-4030 (BLR)
