- Acquire a comprehensive understanding of processes, technologies, and workflows.
- Learn about security threats, attacks, vulnerabilities, attackers’ tactics, and cyber kill chain, among other topics.
- Identify indicators of compromise (IOCs) by recognizing an attacker's tools, tactics, and procedures.
- Monitor and analyze logs and alerts from perimeter security devices (IDS/IPS).
- Gain a better understanding of how Centralized Log Management (CLM) works.
- Perform collection, monitoring, and analysis of security events and logs.
- Learn how to manage and analyze data in the context of security.
- You will develop an understanding of SIEM solutions (Splunk/AlienVault/OSSIM/ELK).
- Implement and fine-tune SIEM solutions.
- Develop a SIEM use case by gaining hands-on experience.
- Develop threat cases (correlation rules), create reports, and related deliverables.
- Find out which SIEM deployment use cases are the most common.
- Plan, organize, and perform threat monitoring and analysis across the enterprise.
- Analyze security threats and monitor emerging threats.
- Learn how to triage alerts on the job.
- Ensure appropriate teams are notified of incidents for additional assistance.
- Gain an understanding of service desk ticketing systems.
- Prepare briefings and reports about the methodology and results of an analysis, as a good analyst should.
- Understand how threat intelligence can be integrated into a SIEM to enhance detection and incident response.
- Use information on threats that are constantly changing, varied, and diverse.
- Learn how to deal with incidents.
- Acquire a better understanding of SOC and IRT collaborations.