Security Operations & Monitoring

Defenders use a variety of tools that make up the security stack such as Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) tools. Defenders need to know how to configure these tools properly and utilise them to gain visibility and identify anomalous activity in their network. This module will explore these different tools used to monitor and detect threats on the network and endpoints.