Security Onion is a great Linux distribution built for Network Security Monitoring (NSM). This course will teach you the technical aspects of NSM, as well as the triage process that must be followed, using simulated attacks.
Network security monitoring is a skill that is at the core of the broad set of skills security professionals can master to prevent, detect, and respond to attacks which are so common today. In this course, Network Security Monitoring (NSM) with Security Onion, you will learn about network security monitoring as well as how to use Security Onion to perform network security monitoring. First, you will learn what NSM is. Next, you will explore where you can deploy network sensors, how to handle the triage process by generating real attacks, how to detect attacks, and how to deploy and operate a Security Onion environment. Finally, you will discover how you can perform network security monitoring in a production environment, and how to deploy your own Security Onion environment and generate attacks to dissect with it. By the end of this course, you will have everything you need to further improve your skills as a security analyst, security engineer, or security architect. These skills are easily transferable to other network security monitoring products, such as commercial ones commonly found in the enterprise.
Course Overview
Hi everyone, my name is Guillaume Ross, and welcome to my course, Network Security Monitoring with Security Onion. I'm a security consultant at Caffeine Security. As a consultant, I've helped many companies improve their security program by doing things such as network security monitoring. In this course, we're going to learn about network security monitoring, as well as how to use Security Onion to perform network security monitoring. Some of the major topics that we will cover include what network security monitoring is, where and how to deploy Security Onion network sensors, generating and importing real attack data into Security Onion, analyzing and performing triage of security events. So we're basically going to use this great, free, and open source technology that Security Onion is to learn network security monitoring principles, and to learn what the process for network security monitoring should be. Most of the things that you will learn in this course that are not directly related to Security Onion will be as applicable to any other commercial or open source network security monitoring tool you'll find out there. By the end of this course, you'll be able to perform network security monitoring, as well as to deploy and use Security Onion. Before beginning this course, you should be familiar with network security fundamentals, as well as the basics of using Linux and virtual machines. I hope you'll join me on this journey to learn network security monitoring with the Network Security Monitoring with Security Onion course at Pluralsight.