Course Description: AlienVAult

This course is taught in online mode and consists of 14 units. The duration of the course is distributes between content and collaboration tools. Upon completion, students will receive a certificate of completion.

Training is done through our Virtual Campus , with this modality you will have all the educational content on the course platform and it will be accessible, from the day the course starts, 24 hours a day, every day of the week. The student will also have access to participation forums , as well as a continuous tutoring .

The course is taught in distance learning modality (100% bonus option) and in-person and remote training activities can also be carried out on demand.

• Access to the platform: 8 weeks
• Individualized support
• Fee: Request a quote

Introduction

AlienVault is an information security platform that offers comprehensive solutions for the detection and response to cyber threats . The AlienVault course aims to train security professionals in the use of this tool, as well as in best practices for incident management, risk analysis and attack prevention.

Upon completion of the course, participants will be able to use AlienVault to protect their infrastructure and data, as well as comply with current security standards and regulations. 

Addressed to

The course is aimed at people who have basic knowledge of information security, networks and operating systems, and who want to expand their skills in the field of cybersecurity.

Course content

1) Introduction to USM AlienVAult

Module 1

• Understanding the basic operation of AlienVault all-in-one
• Describe the AlienVault all-in-one architecture
• Description of OTX (Open Threat Exchange)

Module 2

• Graphic User Interface.
• AlienVault Graphic User Interface Description
• Description of AlienVault GUI menus.
• Basic configuration.

2) Asset management

• Definition of assets.
• Description of asset management.
• Add assets to the asset management table.
• Set up and schedule an asset discovery.
• Configure and manage assets using Groups, Networks, and Tags.

3) Configuring data sources

• Description of data introduction and homogenization.
• Describe data sources and how they work.
• Enable different data sources.
• Understand how events are processed.
• Calculate risks based on events.
• Correlate events.

4) Policies and actions

• Navigate the policy interface.
• Policy settings.
• Configure event policies.
• Configure policies for event policies.

5) Correlation directives

• Understanding the AlienVAult USM Correlation Method.
• Describe correlation directives.
• Create custom correlation policies.

6) Threat Detection

• • Configure the IDS.
• • Configure the IDS through the Environment menu.
• • Configure the IDS through the Assets menu.
• • Set up a vulnerability scan.

7) Behavior monitoring

• Describe and configure log collection.
• Describe and configure netflow.
• Describe and configure configuration enablement.

8) OTX

• Describe OTX and its most important concepts.
• Setting up an OTX account
• Collaboration with other OTX users.

9) Security analysis.

• Security analysis process.
• Dashboard review.
• Remedy the alarms.
• Event research.
• Check raw log for more details.
• Review packet captures for more details about an event.
• Ticket file for event investigation management

10) System maintenance.

• Describe, logs, alarms and log retention.
• Explain how event data is saved and restored.
• Explain how configuration data is saved and restored.

11) Administrative management of users.

• User profiles.
• Account management.
• Managing user authentication.
• Recovering administrator credentials.

12) USM Updates

• Explanation of the USM update process.
• How to update Threat Intelligence, Plugins and Reports.
• How to update USM offline.

13) Reports.

• Description of the reporting system.
• Create, schedule, and view a report.
• Create custom reports.
• Create custom report templates.
• Create custom modules from security logs and events.

14) Plugins.

• Understand how to create custom plugins for USM.
• Describe plugin configuration files.
• Using regular expressions in plugins.
• Explanation of plugin for SQL files.
• Enabling new plugins

Prerequisites

There are no technical prerequisites required to take this course. However, basic computer skills and knowledge of environments related to Information Technology are recommended.

Rates

If you are interested in taking this course in any training modality, please contact us.

• Mail: info@nanforiberica.com
•  Phone: +34 91 031 66 78
• WhatsApp: +34 685 60 05 91