Security Event Triage

Statistical Baselining with SIEM Data Integration

Cristian Pascariu

Log parsing and analysis does not scale well to large data sets. This course will teach you how to perform data analysis and baselining on large data sets to efficiently identify and address threats.

As businesses innovate and make ground-breaking developments in the markets they operate within, successes can become reasons for advanced cyber threats to target your organization. In this course, Security Event Triage: Statistical Baselining with SIEM Data Integration, you will gain the ability to perform detection and analysis of threats at scale. First, you will learn which log events to look for to identify suspicious activity. Next, you will discover how to pivot between indicators to find the root cause of the incident. Finally, you will explore how to correlate events from multiple sources across your estate to identify the actions on objective of the attacker as well as the impact. When you’re finished with this course, you will have the skills and knowledge of data analysis and baselining needed to detect threats at scale.

What's inside

Syllabus

Course Overview
Investigating Security Incidents with the Elastic SIEM
Detecting Suspicious Network Traffic
Investigating File-less Malware Attacks
Performing Behavioral Analysis
Correlating Related Events

Good to know

Know what's good, what to watch for, and possible dealbreakers
Teaches data analysis and baselining, which are foundational skills for security analysts
Develops skills to detect threats at scale, which is critical in today's threat landscape
Provides insights into advanced cyber threats, enabling learners to anticipate and respond to emerging threats
Covers behavioral analysis and correlation of events, which are essential techniques for threat detection
Assumes prior knowledge of security event management and SIEM tools
Requires access to specific software and tools, which may pose a barrier to some learners

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Security Event Triage: Statistical Baselining with SIEM Data Integration with these activities:
Review Networking Concepts
Sharpen your understanding of networking concepts to better apply them to security baselining.
  • Read articles or blog posts on networking concepts
  • Take an online course or tutorial on networking
  • Review your notes from previous networking courses
  • Join an online discussion forum for networking professionals

Career center

Learners who complete Security Event Triage: Statistical Baselining with SIEM Data Integration will develop knowledge and skills that may be useful to these careers:
Incident Responder
Incident Responders investigate and respond to security breaches. They may also develop and implement security measures to prevent future breaches. The ability to analyze large sets of data is a valuable asset to an Incident Responder. This course will provide you with this ability, and its content and exercises will give you an advantage in securing this role.
Cybersecurity Analyst
Cybersecurity Analysts protect computer networks from unauthorized access. They investigate cyberattacks, gather evidence to prevent future attacks, and create security measures such as firewalls and intrusion detection systems. The ability to analyze large sets of data is a valuable asset to a Cybersecurity Analyst. This course will provide you with this ability, and its content and exercises will give you an advantage in securing this role.
Penetration Tester
Penetration Testers assess the security of computer networks and software applications by simulating attacks. They identify vulnerabilities and recommend measures to fix them. The ability to analyze large sets of data is a valuable asset to a Penetration Tester. This course will provide you with this ability, and its content and exercises will give you an advantage in securing this role.
Data Analyst
Data Analysts analyze data to identify trends and patterns. They use this information to improve business processes and to make better decisions. The ability to analyze large sets of data is a core skill for a Data Analyst. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Data Scientist
Data Scientists analyze data to identify trends and patterns. They use this information to develop new products and services, and to improve existing ones. The ability to analyze large sets of data is a core skill for a Data Scientist. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Information Security Analyst
Information Security Analysts plan and carry out security measures to protect an organization’s computer networks and systems. An organization that employs an Information Security Analyst is likely to have more computer data and more cyber threats to manage. As a result, it is crucial for an Information Security Analyst to develop expertise in data analysis. This course will help you develop this expertise and master essential skills expected of an Information Security Analyst.
Information Systems Security Manager
Information Systems Security Managers plan and implement security measures to protect an organization’s information systems. They also oversee the organization’s security policies and procedures. The ability to analyze large sets of data can help an Information Systems Security Manager to identify trends and patterns in security events. This information can be used to improve the organization’s security posture and to prevent future attacks. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
IT Auditor
IT Auditors evaluate the security of computer systems and networks. They also assess the organization’s compliance with security regulations. The ability to analyze large sets of data can help an IT Auditor to identify vulnerabilities and to assess the organization’s risk exposure. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Security Consultant
Security Consultants provide advice to organizations on how to improve their security posture. They also help organizations to implement security solutions. The ability to analyze large sets of data can help a Security Consultant to identify trends and patterns in security events. This information can be used to make recommendations to clients about how to improve their security. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Security Architect
Security Architects design and implement security solutions for computer networks and systems. They also oversee the organization’s security policies and procedures. The ability to analyze large sets of data can help a Security Architect to identify trends and patterns in security events. This information can be used to improve the organization’s security posture and to prevent future attacks. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Forensic Computer Analyst
Forensic Computer Analysts use their skills in data analysis and investigation to analyze computer systems and networks. They use this information to investigate computer crimes and to recover lost or stolen data. This course will help you develop these skills, and its content and exercises will give you an advantage in securing this role.
Risk Analyst
Risk Analysts assess the risks associated with various business activities. They use this information to develop risk management plans and to make recommendations to senior management. The ability to analyze large sets of data can help a Risk Analyst to identify and quantify risks. This information can be used to make better decisions about how to allocate resources and to mitigate risks. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Security Engineer
Security Engineers implement and maintain security systems for computer networks and software applications. This course will help you develop expertise in data analysis. Being able to parse logs and analyze data will make you a more effective Security Engineer.
Database Administrator
Database Administrators manage and maintain databases. They also work on the security of databases. The ability to analyze large sets of data can help a Database Administrator to identify and fix performance issues in databases. This information can be used to improve the performance of databases and to prevent future attacks. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.
Software Engineer
Software Engineers design, develop, and test software applications. They may also work on the security of software applications. The ability to analyze large sets of data can help a Software Engineer to identify and fix bugs in software applications. This information can be used to improve the security of software applications and to prevent future attacks. This course will help you develop this skill, and its content and exercises will give you an advantage in securing this role.

Reading list

We've selected six books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Security Event Triage: Statistical Baselining with SIEM Data Integration.
Provides a comprehensive guide to ethical hacking. It covers everything from reconnaissance and enumeration to exploitation and post-exploitation.
Provides a practical guide to penetration testing. It covers everything from planning and scoping a penetration test to executing and reporting on the results.
Provides a fascinating look at the human element of security. It covers everything from social engineering to phishing to identity theft.
Provides a comprehensive guide to security engineering. It covers everything from risk assessment and threat modeling to security testing and incident response.
