Micro Focus Arcsight Siem - A Step-By-Step Bootcamp

Posted By: ELK1nG

Last updated 6/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 7.05 GB | Duration: 13h 13m

Tackle cyber threats in real time by using powerful, scalable, and efficient SIEM security software.

What you'll learn
Security Information and Event Management
SIEM
Micro Focus ArcSight SIEM
Micro Focus ArcSight Enterprise Security Manager (ESM)
Micro Focus ArcSight Data Platform (ADP)
Micro Focus ArcSight SmartConnector
Hands-ON
Use Cases
The course was originally published on 2nd Jan 2020 with 32 videos, and more videos have been added since then to cover more topics
Requirements
Basic Unix/Linux Skills
Basic Network Security Concepts
Description
Do you want to enter the SIEM field? Do you want to learn one of the leading SIEM technologies? Do you want to understand the concepts and gain hands-on experience with Micro Focus ArcSight SIEM? Then this course is designed for you. Through baby steps you will learn Micro Focus ArcSight SIEM.

The course was originally published with 32 videos on 2nd Jan 2020 and I will keep adding more videos to cover more topics.

"Used with permission from Micro Focus. This tutorial was prepared independently from Micro Focus and Micro Focus has no responsibility for its content."

Overview

Section 1: Security Information and Event Management (SIEM)

Lecture 1 What is SIEM?

Lecture 2 Micro Focus ArcSight SIEM - Part1

Lecture 3 Micro Focus ArcSight SIEM - Part2

Section 2: Micro Focus Security ArcSight ESM 101

Lecture 4 Get the Material

Lecture 5 About ArcSight ESM

Lecture 6 ArcSight ESM - ESM Enables Situational Awareness

Lecture 7 ArcSight ESM - ESM Anatomy

Lecture 8 ArcSight ESM - SmartConnectors - Part1

Lecture 9 ArcSight ESM - SmartConnectors - Part2

Lecture 10 ArcSight ESM - ArcSight Manager & CORR-Engine Storage

Lecture 11 ArcSight ESM - User Interfaces & Use Cases

Lecture 12 ArcSight ESM - Interactive Discovery & Pattern Discovery

Lecture 13 ArcSight ESM - ESM on an Appliance & Logger & ArcSight Solutions

Lecture 14 ArcSight ESM - About Resources

Lecture 15 Hands-ON - Getting The Software + ArcSight Console Simplified

Lecture 16 Hands-ON - SmartConnector Installation & ESM destination registration - Part1

Lecture 17 Hands-ON - SmartConnector Installation & ESM destination registration - Part2

Lecture 18 Hands-ON - SmartConnector Installation & ESM destination registration - Part3

Lecture 19 Life Cycle of an Event Through ESM

Lecture 20 Data Collection and Event Processing - Collect & Normalize Event Data

Lecture 21 Data Collection and Event Processing - Apply Event Categories

Lecture 22 Hands-ON - Event Categorization Utility

Lecture 23 Data Collection and Event Processing - Look up Customer and Zone in Network Mode

Lecture 24 Data Collection and Event Processing - Filter/Aggregate/Managing SmartConnector

Lecture 25 Hands-ON - Filter and Aggregate Events

Lecture 26 Priority Evaluation and Network Model Lookup

Lecture 27 Workflow

Lecture 28 Correlation Evaluation - Correlation Overview & Filters & Rules

Lecture 29 Correlation Evaluation - How Rules Evaluated & Use Active/Session Lists

Lecture 30 Correlation Evaluation - Data Monitors - Part1

Lecture 31 Correlation Evaluation - Data Monitors - Part2

Lecture 32 Correlation Evaluation - Local and Global Variables & Velocity Templates

Lecture 33 Correlation Evaluation - Event Types

Section 3: Micro Focus ArcSight MarketPlace

Lecture 34 Brute Force Package From MarketPlace

Lecture 35 Sysmon Package From Micro Focus MarketPlace, Microsoft and GitHub

Section 4: ESM Installation

Lecture 36 Part1

Lecture 37 Part2

Lecture 38 Part3

Lecture 39 Part4

Section 5: Appendix A - ESM Console Demystified

Lecture 40 Micro Focus ArcSight ESM Console

Lecture 41 Connectors & Active Channels

Lecture 42 Filters & Field Sets

Section 6: Appendix B - ESM Administration

Lecture 43 Forgotten ESM Account Password and Disabled Account

Lecture 44 Fixing Time of Log Source

Lecture 45 ESM Console Connection Refused Error

Network Security Specialists & Administrators, SOC Operators & Analysts, Information Security Specialists