Investigating Incidents with Splunk SOAR (IISS)

Investigating Incidents with Splunk SOAR (IISS)

$500check
  • VAT: excluding VAT
  • Price completeness: This price is complete, there are no hidden additional costs.
Fast Lane Institute for Knowledge Transfer GmbH
Get alternatives
Logo Fast Lane Institute for Knowledge Transfer GmbH
Provider rating: starstarstarstarstar_half 8.9 Fast Lane Institute for Knowledge Transfer GmbH has an average rating of 8.9 (out of 33 reviews)

Need more information? Get more details on the site of the provider.

Get alternatives

Starting dates and places

This product does not have fixed starting dates and/or places.

Description

Kursinhalt

  • SOAR concepts
  • Investigations
  • Running actions and playbooks
  • Case management & workflows

Voraussetzungen

Basic Security operations knowledge.

Detaillierter Kursinhalt

Topic 1 – Starting Investigations

  • SOAR investigation concepts
  • ROI view
  • Using the Analyst Queue
  • Using indicators
  • Using search

Topic 2 – Working on Events

  • Use the Investigation page to work on events
  • Use the heads-up display
  • Set event status and other fields
  • Use notes and comments
  • How SLA affects event workflow
  • Using artifacts and files
  • Exporting events
  • Executing actions and playbooks
  • Managing approvals

Topic 3 – Cases: Complex Events

  • Use case management for complex investigations
  • Use case workflows
  • Mark evid…

Read the complete description

Frequently asked questions

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.

Didn't find what you were looking for? See also: Microsoft .NET, Microsoft Visual Studio(.NET) 2010, Programming (general), Microsoft Visual Basic 6/.NET, and Microsoft Visual C#.NET.

Kursinhalt

  • SOAR concepts
  • Investigations
  • Running actions and playbooks
  • Case management & workflows

Voraussetzungen

Basic Security operations knowledge.

Detaillierter Kursinhalt

Topic 1 – Starting Investigations

  • SOAR investigation concepts
  • ROI view
  • Using the Analyst Queue
  • Using indicators
  • Using search

Topic 2 – Working on Events

  • Use the Investigation page to work on events
  • Use the heads-up display
  • Set event status and other fields
  • Use notes and comments
  • How SLA affects event workflow
  • Using artifacts and files
  • Exporting events
  • Executing actions and playbooks
  • Managing approvals

Topic 3 – Cases: Complex Events

  • Use case management for complex investigations
  • Use case workflows
  • Mark evidence
  • Running reports
There are no reviews yet.

    Share your review

    Do you have experience with this course? Submit your review and help other people make the right choice. As a thank you for your effort we will donate $1.- to Stichting Edukans.

    There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.