Investigating Incidents with Splunk SOAR
Duration: 1 Day (8 Hours)
Investigating Incidents with Splunk SOAR Course Overview:
This course prepares security practitioners to use SOAR to respond to security incidents, investigate vulnerabilities, and take action to mitigate and prevent security problems.
Intended Audience:
- Access Management Administrators
- Security Administrators
- IT Professionals responsible for access control and security management
- System Administrators involved in Oracle Access Management 12c implementation and maintenance
- Professionals seeking to enhance their knowledge of access control fundamentals in Oracle Access Management 12c.
Learning Objectives of Investigating Incidents with Splunk SOAR:
- SOAR concepts
- Investigations
- Running actions and playbooks
- Case management & workflows
Module 1 – Starting Investigations
- SOAR Investigation Concepts
- ROI View
- Using the Analyst Queue
- Using Indicators
- Using Search
Module 2 – Working on Events
- Using the Investigation Page for Event Management
- Utilizing the Heads-Up Display
- Setting Event Status and Other Fields
- Adding Notes and Comments
- Understanding the Impact of SLAs on Event Workflow
- Handling Artifacts and Files
- Exporting Events
- Executing Actions and Playbooks
- Managing Approvals
Module 3 – Cases: Complex Events
- Leveraging Case Management for Complex Investigations
- Implementing Case Workflows
- Marking Evidence
- Generating Reports
Investigating Incidents with Splunk SOAR Course Prerequisites:
- Security operations experience
Choose Learning Modality
Live Online
- Convenience
- Cost-effective
- Self-paced learning
- Scalability
Classroom
- Interaction and collaboration
- Networking opportunities
- Real-time feedback
- Personal attention
Onsite
- Familiar environment
- Confidentiality
- Team building
- Immediate application
Training Exclusives
This course comes with the following benefits:
- Practice labs
- Training by certified trainers
- Access to the recordings of your class sessions for 90 days
- Digital courseware
- 24/7 learner support