Elastic Alerting for Cybersecurity

Upcoming Classes

Online

Instructor-led Virtual Training

Location: US Central Timezone
Date: Oct 9, 2019

Classes in bold are guaranteed to run!

Summary

The best security systems need to cast a wide net, and then know what’s a valid threat and what’s background noise. And they need to do all that without oversight, allowing administrators to focus their time on the valid threats. In this course, you will learn how to use Elastic Stack alerting functionality to hunt down threats based on custom queries and thresholds, and automatically notify users when there’s a problem.
Note: This course is a module of the Security Analytics specialization.

Description

You will explore useful cybersecurity alerts that you can set up in order to enhance your security monitoring capabilities. You will also learn about how to create alerts based on Elastic machine learning anomaly detection. After completing this course, you will be able to use the Elastic Stack to hunt threats more effectively and efficiently.

Topics Covered

  • Introduction to Cybersecurity
  • Introduction to Elastic Stack Alerting
  • Configuring Cybersecurity Alerts
  • Incorporating Machine Learning into Alerting

Length

2-3 hours

Duration

3 hours

Audience

Security Analysts, SOC Managers, Security Practitioners, Information Security Consultants, System Administrators

Prerequisites

We recommend taking the following foundational courses (or having equivalent knowledge):

  • Familiarity with security log data
  • Basic networking knowledge
  • Basic experience with Elastic machine learning

Setup Requirements

  • Stable internet connection
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (other browsers not supported)
  • Disable any ad blockers and restart your browser before class

Additional Notes

Virtual Classroom Information
This instructor-led course is taught only in a virtual environment. We encourage participants to set up their systems before logging into the training environment on the first day of class. We also encourage logging in 15 minutes before the start of class each day.

Training Specializations

This course is a module of the Security Analytics specialization. Find out how our focused Training Specializations can help you with your use case.

General Training Information
Have training questions? Review our FAQ or email us.