Security Information and Event Management

Understand how SIEM works and get comfortable creating simple and advanced search queries to find specific answers in the ingested logs.
This module explores SIEM basics: how logs are ingested and searched to get answers, and how to identify anomalies. It also covers features standard in each SIEM solution, such as the timeline, search bar and time filter, and how to construct search queries to find anomalous traces. Aspiring security analysts can quickly transfer the knowledge covered in this module to any SIEM solution.

Introduction to SIEM
An introduction to Security Information and Event Management.
Investigating with ELK 101
Investigate VPN logs through ELK.
ItsyBitsy
Put your ELK knowledge together and investigate an incident.
Splunk: Basics
Learn the basics of Splunk.
Incident handling with Splunk
Learn to use Splunk for incident handling through interactive scenarios.
Investigating with Splunk
Investigate anomalies using Splunk.
Benign
Challenge room to investigate a compromised host.
Introduction to Phishing
Learn how to use SOC Simulator by completing your first scenario. Close all True Positive alerts to ...
What are modules?
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
