Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction to ArcSight ESM
- Overview of SIEM and ArcSight ESM
- Understanding the ArcSight ESM architecture
Configuring ArcSight Connectors
- Types of ArcSight connectors and their purposes
- Installing and configuring ArcSight connectors
- Managing connector updates and health
ArcSight ESM Management
- Navigating the ArcSight Console
- Managing users, groups, and permissions
- Configuring network and device resources
Correlation Rules and Security Monitoring
- Basics of correlation rules and their creation
- Deploying correlation rules for real-time threat detection
- Utilizing the dashboard for security monitoring
Reporting and Visualization
- Creating custom reports for security analytics
- Designing effective dashboards and visualizations
- Best practices for reporting and alerting
Active Lists, Session Lists, and Data Monitors
- Introduction to lists and data monitors in ArcSight
- Configuring and managing lists for dynamic threat detection
- Practical applications of data monitors
Tool Optimization
- Customizing dashboards for enhanced operational visibility
- Streamlining event streams for efficient monitoring and analysis
Advanced Variable Construction and Developing Lists and Rules
- Techniques for creating complex variables in ArcSight
- Using variables to filter and refine event data
- Developing and managing lists for dynamic event categorization
- Creating advanced rules for automated threat detection and response
Advanced Correlation Techniques and Search Methods
- Strategies for correlating disparate event data to uncover sophisticated threats
- Applying advanced correlation for real-world threat scenarios
- Leveraging ArcSight's search capabilities for deep-dive investigations and threat hunting
- Tips and tricks for constructing effective search queries
System Maintenance and Troubleshooting
- ArcSight ESM backup and restore procedures
- Monitoring system performance and troubleshooting common issues
- Best practices for ArcSight ESM maintenance
Summary and Next Steps
Requirements
- Basic knowledge of cybersecurity concepts and SIEM (Security Information and Event Management) fundamentals
- Prior experience with Micro Focus ArcSight ESM
Audience
- Security analysts
- Cybersecurity and IT professionals
35 Hours
Delivery Options
Private Group Training
Our identity is rooted in delivering exactly what our clients need.
- Pre-course call with your trainer
- Customisation of the learning experience to achieve your goals -
- Bespoke outlines
- Practical hands-on exercises containing data / scenarios recognisable to the learners
- Training scheduled on a date of your choice
- Delivered online, onsite/classroom or hybrid by experts sharing real world experience
Private Group Prices RRP from €11400 online delivery, based on a group of 2 delegates, €3600 per additional delegate (excludes any certification / exam costs). We recommend a maximum group size of 12 for most learning events.
Contact us for an exact quote and to hear our latest promotions
Public Training
Please see our public courses
Testimonials (1)
The report and rules setup.
