Overview What You Will Learn Curriculum Instructor

Course Overview

Security information and event management (SIEM) offer real-time monitoring and analysis of events and tracking and logging of security data for compliance or auditing purposes. SIEM collects security data from network devices, servers, domain controllers, and more. SIEM stores, normalizes, aggregates, and applies analytics to that data to discover trends, detect threats, and enable organizations to investigate any alerts. 

The course begins with Introduction to SIEM, Overview, Key objectives, Defence-in-depth, corporate environment, Log management, Why SIEM is necessary, use cases, main modules & elements of SIEM, SIEM process flow, Typical features of SIEM, Event life cycle, SOC controls and Management, SIEM Architecture, use cases and SIEM Deployment options. You will also get an introduction to one of the global SIEM commercial platforms (Azure Sentinel user interface and will be conversant with the UI. You can start using Azure Sentinel \ transforming commands, can create workbooks and dashboards, you will know how to save and share reports and also can create alerts. comprehending intrusion tolerance, prevention, and detection. As you move on, you will learn to understand the characteristics of a robust SIEM. Further, you will learn to configure and deploy Azure Sentinel SIEM and use a web interface. Next, you will learn to configure the data collector agent, server, and logger. Moving on, you will learn to configure and create analytics detection rules and use cases. Next, you will learn to manage incidents, triage and take responsibility and actions via automation & SOAR capabilities. Finally, you will learn to do more advanced hunting to monitor security, logs and forensics.

By the end of the course, you will become an expert in hierarchically deploying multiple collection agents to collect security-related events from end-user devices, hosts, network equipment. 

What You Will Learn

  • Build and design multi-tenancy SIEM Architecture.
  • Collect data / logs from any data sources (Cloud, Hybrid, On-Prem).
  • Leverage AI & ML (Machines Learning Models) for detection.
  • Build custom detection & analytics rules.
  • Build automation rules and playbooks for custom integration and/or response and remediation.

Program Curriculum

  • Overview and Key Aspects of SIEM Solutions
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • SIEM Solutions Models
  • Architecture Design (Single/Multi-tenancy) & RBAC
  • Chapter 2 Quiz

  • SIEM Solutions Deployment Pre-requisites
  • Deploying and Configuring Azure Sentinel SIEM
  • Chapter 3 Quiz

  • Data Collection
  • Data Normalization & Parsing
  • Chapter 4 Quiz

  • Analytics Detection Rules & Use Cases
  • Reports & Workbooks
  • Chapter 5 Quiz

  • Cyber Threat Intelligence Overview and Data Types/Domains
  • Configuring and Integration with CTI Data Sources/Providers
  • Chapter 6 Quiz

  • Cases & Incidents Management
  • Threat/Incidents Investigation and Forensics Process
  • Chapter 7 Quiz

  • SIEM Triage Process – Part 1
  • SIEM Triage Process – Part 2
  • Chapter 8 Quiz

  • Query Language
  • Chapter 9 Quiz

  • Overview of Key Takeaways from Course
Load more modules

Instructor

Hesham Saad

Hesham Saad is a Senior Regional Cybersecurity & Technical Specialist in Microsoft, covering EMEA with extensive experience in threat protection, security analytics, DFIR - forensic analysis, SOC Operations, SIEM, SOAR, and advanced hunting, Modern Desktop & Management, Architecting, designing & developing security services and software applications/systems pipelines and more than 14+ years experience in Security, IT & Enterprise Architecture Design Role Responsibilities: • Architect, Design, develop, and implement advanced DFIR, SOAR, and SIEM security systems, modules, and workflows. • Build security system infrastructure. • Develop and update project code. • Manage project code development and its adherence to project design. • Assure assigned and developed modules quality. • Cybersecurity Consulting & Design Patterns. • Apply design patterns and Agile process. Specialties: Enterprise Security Solutions, DFIR, SIEM, SOAR, Threat Hunting, SOC Operations, Modern Desktop & Endpoints Security, and productivity.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month

Related Courses

  • Bootstrap 4 Quick Website Bootstrap Components Course
    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches
    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course
    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS
    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training
    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes
    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally
    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

  • Mastering Ansible Playbooks: Debugging and Security
    Short Course

    Mastering Ansible Playbooks: Debugging and Security

    Software Development

    Securing and Automating Linux and Windows Systems with Advanc...

    $99.99

    Advanced

    5 hr 34 m

1 50
View all