av-solutions-education-services-banner

Education Services

Get the most out of AlienVault technology.
Learn from the experts who wrote the code!

AlienVault provides both custom, on-site and classroom training courses around the world.

The AlienVault Certified Security Analyst (ACSA) and the AlienVault Certified Security Engineer (ACSE) training course includes everything you need to know to architect and implement an AlienVault system for maximum utilization, tune it for maximum performance and manage the entire system for optimal effectiveness:

ACSA:

  • When to use OSSIM and when to use the AlienVault Unified Security Management Platform™ (AV-USM™)
  • Planning Your Work – identifying assets, mapping the network architecture, identifying collection vectors (Agent vs Agentless, SPAN vs TAP, Encrypted vs Clear), identifying ACLs, VLANs &Sites/Entities.
  • Understanding the architecture – Appliance hardware and deployment options for all-in-one single server deployments, hierarchical multi-server deployments, high availability and large scale distributed deployments.
  • Software options, hardware requirements and sizing considerations.
  • Managing software updates and setting up feed subscriptions.
  • Data collection methods, how to sort syslog traffic, using existing plug-ins, customizing new plug-ins, using regex tools.
  • Built-in security tools and using Snort, Ntop (NFDump, NFSens), OpenVas, Kismet, RRD and Nagios.
  • The different types of correlation and correlation for various compliance regulations.
  • Using the Logger, setting up the file structure, digital signatures, how to perform forensic searches and generate reports.
  • Setting up security policies and sending notifications.
  • Using the AV-USM™ Console for security analysis, viewing risk maps, identifying high risk assets.
  • All about Reporting – built-in report modules, creating custom modules and custom layouts, scheduling regular reports.
ACSE:
  • Learn how to install, update and configure your system from the command line
  • Learn about event collection, log filtering, using plugins, creating custom plugins
  • Learn how to control the event flow in complex installations (Policies)
  • Learn how to write correlation directives
  • Learn how to setup the logger, remote loggers etc.
  • Learn how to install and configure IDM, write custom IDM (Identity Monitoring) plugins
  • Setup HIDS on clients
  • Learn all about Snort (partially in ACSA too)
  • Learn about Dimensioning and Deployment (also in ACSA)

View our training schedule or contact us for more information.