Who should attend
Security practitioners.
Prerequisites
- Splunk Fundamentals 1
- Splunk Fundamentals 2
Course Objectives
This 13.5-hour course prepares security practitioners to use Splunk Enterprise Security (ES). Students will identify and track security incidents, analyze security risks, use predictive analytics, and discover threats.
Course Content
- ES concepts
- Security monitoring and incident investigation
- Assets and identities
- Detecting known types of threats
- Monitoring for new types of threats
- Using analytical tools
- Analyze user behavior for insider threats
- Use risk analysis and threat intelligence tools
- Use protocol intelligence and live stream data
- Use investigation timelines and journal tools
- Build glass tables to display security status