Security Event Triage: Statistical Baselining with SIEM Data Integration

Log parsing and analysis does not scale well to large data sets. This course will teach you how to perform data analysis and baselining on large data sets to efficiently identify and address threats.
Course info
Rating
(10)
Level
Intermediate
Updated
Feb 6, 2020
Duration
1h 31m
Description

As businesses innovate and make ground-breaking developments in the markets they operate within, those successes can become reasons for advanced cyber threats to target your organization. In this course, Security Event Triage: Statistical Baselining with SIEM Data Integration, you will gain the ability to perform detection and analysis of threats at scale. First, you will learn which log events to look for to identify suspicious activity. Next, you will discover how to pivot between indicators to find the root cause of the incident. Finally, you will explore how to correlate events from multiple sources across your estate to identify the attacker's actions on objective as well as the impact. When you're finished with this course, you will have the skills and knowledge of data analysis and baselining needed to detect threats at scale.

About the author

Cristian is an information security professional with experience in the supply chain, manufacturing, gaming, and entertainment sectors for Fortune 500 companies. He has provided expertise in incident response cases by performing forensic investigations and malware analysis, and by developing mitigation plans against complex cyber attacks.

More from the author
Exfiltration with Dnscat2
Intermediate
23m
Sep 10, 2020
Purple Teaming: The Big Picture
Beginner
39m
Jun 16, 2020
More courses by Cristian Pascariu
Section Introduction Transcripts

Course Overview
[Autogenerated] Hi, everyone. My name is Cristian Pascariu and welcome to my course, Security Event Triage: Statistical Baselining with SIEM Data Integration. I am an information security professional and a Pluralsight author. Traditional log analysis is becoming more impractical for the increased quantities of data that are required for efficient incident handling. New techniques and capabilities are paving the way for next-generation detection, as well as a stepping stone for security orchestration, automation and response. In this course, we're going to consume aggregated security events collected with the Elastic Stack to gain full visibility into modern attacks. Some of the major topics that we'll cover include: detect and analyze covert command and control channels, investigate fileless malware attacks, detect advanced credential dumping techniques, and correlate events to track adversary groups. By the end of this course, you'll know how to leverage the Elastic Stack to craft enhanced detections to hunt for malicious activity. Before beginning the course, you should be familiar with handling and responding to security incidents. From here, you should feel comfortable diving into more courses from the Security Event Triage learning path around network and endpoint security. I hope you'll join me on this journey to learn threat hunting with the Security Event Triage: Statistical Baselining with SIEM Data Integration course, at Pluralsight.