Security Analytics for Analysts Training

Live Online & Classroom Enterprise Training

Security Analytics for Analysts Training guides the analyst through the process, providing hands-on practice with analysis techniques, such as deploying external sources, creating custom feeds, creating rules to filter data, and reporting and alerting.

Looking for a private batch ?

REQUEST A CALLBACK

Certified Trainer
Authorized Courseware
Completion Certificate from ATP

Enterprise Reporting
Lifetime Access
CloudLabs
24x7 Support
Real-time code analysis and feedback

What is Security Analytics for Analysts Training about?

This course provides a roadmap for using RSA Security Analytics for intelligence-driven analysis. The course guides the analyst through the process providing hands-on practice with analysis techniques such as deploying external sources creating custom feeds creating rules to filter data and reporting and alerting. Malware analysis and parsers are also covered as well as methodologies and best practices for optimal results. The course provides practice with packets and logs.

What are the objectives of Security Analytics for Analysts Training ?

At the end of Security Analytics for Analysts training course, participants will learn to:

Describe the Security Analytics architecture and components
Describe and customize the Security Analytics User Interface
Articulate the intelligence-driven process
Describe the features and functions of the Investigation Module
Access Live resources to enrich the data
Create and deploy custom feeds and create new metadata
Filter data for investigation using rules and custom actions
Automate analysis using alerts and reports
Communicate results using reports and charts
Describe the process for generating new intelligence
Create and implement parsers
Describe the features and functions of the Malware module
Analyze malware using the Investigation module
Investigate potential security issues based on specific use cases

What are the prerequisites for Security Analytics for Analysts Training?

Participants should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise data networking and communications is required. Programming language experience is helpful. Basic knowledge of the TCP/IP protocol stack is useful.

Available Training Modes

Live Online Training

18 Hours

Classroom Training

3 Days

Course Outline Expand All

Expand All

1. RSA Security Analytics Overview

Enterprise security evolution

Intelligence-Driven roadmap

Security Analytics Architecture and components - Appliances - Logs and packets - Data processing -

Licensing

RSA Security Analytics data - ttPackets, sessions, logs and resources - Data process flow - Data sources -

RSA Security Analytics User Interface

Customizing the User Interface

2. Investigation Basics

Obtaining data - tWhere to collect - ttBest practicest - ttFull packet capture - t

Investigation module navigation options

Configuring devices for investigation

Common use cases

Basic analysis techniques

3. Building Sources - Enriching the Data

Defining and refining sources

Live content

Accessing and deploying source data using Live subscriptions

Accessing sources for logs

Adding custom feeds

Adding custom metadata

4. Filtering and Analyzing the Data

Creating an intelligence-driven methodology

Filtering methodology

RSA Security Analytics filtering tools

Performing analysis using filtering tools and techniques

5. Communicating Results and Introducing Automation

Using reports for communication, validation and investigation

Role based access control

Charts

Creating reports for Compliance

Creating reports to monitor the environment

Creating alerts for automated analysis

Generating new intelligence

Sample use cases for automating analysis

6. Using Parsers for Analysis

Introduction to parsers

Creating content using parsers

Packet parser structure and syntax

Creating content using Log parsers

Creating content using Lua parsers

Basic Lua concepts

7. Performing Malware Analysis

Stages of the network forensics process

Forensics analysis

Malware analysis module

Malware analysis techniques - tEvent processing - ttSession analysis - ttStatic analysis - ttCommunity analysis - ttSandbox - t

Use case examples - tZero day attack - ttMalware evades sandbox - ttMalware defended by antivirus - t

Who is the instructor for this training?

The trainer for this Security Analytics for Analysts Training has extensive experience in this domain, including years of experience training & mentoring professionals.

Reviews

My outlook on training changed completely after attending SpringPeople BPC training. The content, the trainer and infrastructure at SpringPeople were top notch and perfectly in tune with the industry requirements. Regardless to say, training is now something that I look forward to to. Kudos to everyone at SpringPeople!

Shweta Priya

Sony

I attended the 3-day AngularJs training at SpringPeople. The trainer was an industry veteran with vast experience in the subject. Notably, the hands-on training, and the Q&A session stood out. Overall, I found SpringPeople a great place to learn with excellent facilities and great trainers. Would recommend SpringPeople to my colleagues and friends.

Swati Singh

I attended the training on API Design for Mulesoft. The sessions were well planned and value-laden. I benefited immensely from the hands-on experience enabled through virtual labs. I would like to specifically commend the efficiency of the support team who were always available to resolve my concerns.

Nikhil Kohli

Stryker

I attended the jQuery training batch, conducted by Mr. Vijay, an SME who did a thorough coverage of all the essentials. He took us through concepts such as jQuery animations, event handlers, plugins, and jQuery-UI by small programs, very easily. The sessions were useful and well structured. By the end of the training, I was well equipped to develop a SPA on Product Management System. Overall, the learning experience at SpringPeople was great!

Heena Rajan

Mindtree