You’ve made the decision to secure your environment using AlienVault® Unified Security Management (USM) Anywhere™. Great choice! Now that it’s deployed in your cloud or on-premises environment you might be asking yourself, “How can I leverage this solution to make sure that I’m protected?” Or, perhaps more accurately, “What do I do with all of these alarms?”
Well, you are not alone. Here are some requests that we’ve gotten from existing AlienVault USM Anywhere customers.
- “I would suggest to provide real life examples to show how to detect new and emerging threats.”
- “I would like to discuss the "right" ways to do analysis.”
- “I would like a course that pays more attention to deeper subjects focusing on investigation, tuning, and remediation.”
- “I would like to learn how to keep up to date with and address current threats.”
- “I would like a course that looks at tools outside AlienVault and includes modules on walking through the lifecycle of an Alarm, understanding where it came from and how it occurred.”
- “It would be nice to use external data and external resources/systems to better understand data (OTX, DNS logs, web traffic, Wireshark).”
Well, we’ve listened, and we’ve been working hard around the clock (quite literally, thanks to our training team’s diverse geographical spread) on our new Security Analysis using AlienVault® USM Anywhere™ course. We’ve abducted (not really!) subject matter experts as well as real-life AlienVault customers to ensure we develop the right course for your needs.
Many of the above quotes are from customers who have taken a previous AlienVault USM Anywhere course, which teaches you about the operational side of running USM Anywhere in your environment. This new course will, as requested by the customers above, concentrate on understanding where alarms come from and how to effectively investigate and respond to them.
The Security Analysis using AlienVault® USM Anywhere™ two-day course provides you with the knowledge and tools to fully leverage AlienVault USM Anywhere to perform security analysis. Students will gain new skills in identifying and remediating threats using AlienVault USM Anywhere. Course participants will gain these skills through hands-on examples and exercises in performing and analyzing attacks on a live environment, with multiple asset types running a range of different software.
Topics covered include:
- Preparation: Know Your Environment
- USM Anywhere Tuning
- Threat Intelligence: Detect and Research Threats and Attack Methods
- Detection: Evaluate Alarms and Events
- Containment and Response: Minimise impact and automation
- Root Cause Analysis: Trace the timeline of an incident
- Recovery: Recover from an incident
- Reporting: Compliance and Reporting
You will benefit from instructor lectures, live instructor demonstrations, and numerous hands-on practice labs, which make up over 50% of the course. This hands-on course ensures that you are fully equipped to use AlienVault’s USM Anywhere functions and features, as well as a few useful external tools and sites, to detect and respond to security incidents. After completing this course, you will be better equipped to leverage the full power of AlienVault USM Anywhere to perform your analyst duties.
Register for the next Security Analysis using AlienVault® USM Anywhere™ course, or learn more about AlienVault’s full suite of training courses and certifications.
To prepare for the course, check out this new video (warning: you will need to carve out 60 minutes), “Information Security 101.” The video highlights:
- Reasons why attackers attempt to exploit networks and systems
- Some of the most common system vulnerabilities
- The methods by which attacks are delivered
- Different attack types and how they are implemented at a high level