Perform labs on ArcSight Enterprise Security Management (ESM) software solution that combines traditional security event monitoring with network intelligence, context correlation, anomaly detection, historical analysis tools, and automated remediation. ESM is a multi-level solution that provides tools for network security analysts, system administrators, and business users.
Course modules:
- ArcSight ESM
- ArcSight Enterprise Security Management
- Life Cycle of an Event Through ESM
- Data Collection and Event Processing
- Priority Evaluation and Network Model Lookup
- Workflow
- Correlation Evaluation
- Monitoring and Investigation
- Reporting and Incident Analysis
- CORR-Engine
- The Event Schema
- The Network Model
- The Actor Model
- Managing Resources and Standard Content
Duration: 2-days
Reviews
There are no reviews yet.