I recently attained AlienVault Certified Security Analyst (ACSA) and AlienVault Certified Security Engineer (ACSE) certification, after taking an AlienVault 5-day training course and passing a test. It is probably a little biased since I am an AlienVault employee; however, I found the course to be quite good. For an impartial view, check out this 3rd party review. Following are a few things I learned that I thought I would pass along in the event you are planning on going through training now or in the future.
I took the training course remotely, from my desk at work, rather than in person. Being a “people person” a traditional face to face class would have probably been more fun for me. Interestingly, our training group tracks test scores, and they told me that the test scores for people taking courses online are actually higher than in-person training test scores. Apparently, being in-person doesn’t completely remove work-related interruptions./p>
I asked our training department about remote training and they said most of our customers are choosing it over in-person classes due to limited travel budgets. I guess the big thing is, no matter how you get trained, make sure you have your manager’s support so that people let you focus during training as much as humanly possible. You can actively create a coverage schedule with your co-workers to handle routine tasks. The main thing is to avoid getting interrupted – and work with the instructor to make sure that you have adequate breaks to deal with emails and urgent business.
My big observation after the class was that although I’ve worked with AlienVault for about a year, I still learned a lot of new things that the product can do in the class. AlienVault Unified Security Management (USM™) just does so many crazy-interesting and useful things. It can be, literally, the only thing a midsize company needs for security, beyond firewalls and antivirus / antimalware.
I polled some of the other folks from AlienVault in the class and got this from a sales rep: “After 2+ years of running demo's, POC's, and 30 day trials, I've still learned a lot about functionality and how it is done. I used to say USM is a "SOC in a box.”. Now, I just tell customers that I believe no other security product will move the dial towards your Infosec goals for less dollars spent. Training has helped me understand the scope of functionality and ease of configuration.”
Another classmate had this to say, “Personally I have been very impressed by the level of functionality offered by USM from within the GUI. Truthfully everything we did in the training could have been done just using the GUI (since we mostly use CLI to generate mock data). I also think that for a tool as capable as USM, the GUI itself is (mostly) incredibly intuitive (except for a few small UI tweaks).”
I also heard this ”USM reporting is incredibly powerful, and one aspect that can probably be talked about a little more is the Open Threat Exchange (OTX) integration and the value it adds. I think driving home the point that as a USM customer "you are not alone" is a big differentiator for us.”
Several people wanted to have two tiers of classes in the future– one for USM 101 and one for advanced users (advanced forensic research, details about tuning and maintenance.)
If you’re interested in learning how to truly take advantage of the functionality of USM, please consider AlienVault authorized training done by AlienVault and partners. Note: there’s an upcoming in-person class in London Jan 26-30, and the Live, Online class for EMEA on Feb 23-27. Contact [email protected] to learn more.
Here’s a picture of the attendees at an in-person AlienVault USM for Security Engineers class in Bogata a few months ago.