Overview What You Will Learn Curriculum Instructor

Course Overview

Security information and event management (SIEM) offer real-time monitoring and analysis of events and tracking and logging of security data for compliance or auditing purposes. SIEM collects security data from network devices, servers, domain controllers, and more. SIEM stores, normalizes, aggregates, and applies analytics to that data to discover trends, detect threats, and enable organizations to investigate any alerts. 

The course begins with Introduction to SIEM, Overview, Key objectives, Defence-in-depth, corporate environment, Log management, Why SIEM is necessary, use cases, main modules & elements of SIEM, SIEM process flow, Typical features of SIEM, Event life cycle, SOC controls and Management, SIEM Architecture, use cases and SIEM Deployment options. You will also get an introduction to one of the global SIEM commercial platforms (Azure Sentinel user interface and will be conversant with the UI. You can start using Azure Sentinel \ transforming commands, can create workbooks and dashboards, you will know how to save and share reports and also can create alerts. comprehending intrusion tolerance, prevention, and detection. As you move on, you will learn to understand the characteristics of a robust SIEM. Further, you will learn to configure and deploy Azure Sentinel SIEM and use a web interface. Next, you will learn to configure the data collector agent, server, and logger. Moving on, you will learn to configure and create analytics detection rules and use cases. Next, you will learn to manage incidents, triage and take responsibility and actions via automation & SOAR capabilities. Finally, you will learn to do more advanced hunting to monitor security, logs and forensics.

By the end of the course, you will become an expert in hierarchically deploying multiple collection agents to collect security-related events from end-user devices, hosts, network equipment. 

What You Will Learn

  • Build and design multi-tenancy SIEM Architecture.
  • Collect data / logs from any data sources (Cloud
  • Hybrid
  • On-Prem).
  • Leverage AI & ML (Machines Learning Models) for detection.
  • Build custom detection & analytics rules.
  • Build automation rules and playbooks for custom integration and/or response and remediation.

Program Curriculum

  • Overview and Key Aspects of SIEM Solutions
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • SIEM Solutions Models
  • Architecture Design (Single/Multi-tenancy) & RBAC
  • Chapter 2 Quiz

  • SIEM Solutions Deployment Pre-requisites
  • Deploying and Configuring Azure Sentinel SIEM
  • Chapter 3 Quiz

  • Data Collection
  • Data Normalization & Parsing
  • Chapter 4 Quiz

  • Analytics Detection Rules & Use Cases
  • Reports & Workbooks
  • Chapter 5 Quiz

  • Cyber Threat Intelligence Overview and Data Types/Domains
  • Configuring and Integration with CTI Data Sources/Providers
  • Chapter 6 Quiz

  • Cases & Incidents Management
  • Threat/Incidents Investigation and Forensics Process
  • Chapter 7 Quiz

  • SIEM Triage Process – Part 1
  • SIEM Triage Process – Part 2
  • Chapter 8 Quiz

  • Query Language
  • Chapter 9 Quiz

Overview of Key Takeaways from Course

Load more modules

Instructor

Hesham Saad

Hesham Saad is a Senior Regional Cybersecurity & Technical Specialist in Microsoft, covering EMEA with extensive experience in threat protection, security analytics, DFIR - forensic analysis, SOC Operations, SIEM, SOAR, and advanced hunting, Modern Desktop & Management, Architecting, designing & developing security services and software applications/systems pipelines and more than 14+ years experience in Security, IT & Enterprise Architecture Design Role Responsibilities: • Architect, Design, develop, and implement advanced DFIR, SOAR, and SIEM security systems, modules, and workflows. • Build security system infrastructure. • Develop and update project code. • Manage project code development and its adherence to project design. • Assure assigned and developed modules quality. • Cybersecurity Consulting & Design Patterns. • Apply design patterns and Agile process. Specialties: Enterprise Security Solutions, DFIR, SIEM, SOAR, Threat Hunting, SOC Operations, Modern Desktop & Endpoints Security, and productivity.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $69.00 billed monthly
Get Started Now
Start your 7-day trial for $1

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 699.00
Billed annually or $79.00 billed monthly
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

  • Hands-on FortiGate Firewall

    Hands-on FortiGate Firewall

    Short Course

    Hands-on FortiGate Firewall

    Security Architecture and Operations

    Learn how to deploy the FortiGate NGFW and how to configure t...

    $99.99

    Intermediate

    3 hr 0 m

  • Hands-on SELinux

    Hands-on SELinux

    Short Course

    Hands-on SELinux

    Security Architecture and Operations

    Learn SELinux Basics: Implement Security Policies, Troublesho...

    $49.99

    Beginner

    5 hr 28 m

  • Complete Bash Shell Scripting

    Complete Bash Shell Scripting

    Short Course

    Complete Bash Shell Scripting

    Security Architecture and Operations

    Automate repetitive tasks with Bash Shell Scripting to save v...

    $79.99

    Intermediate

    18 hr 10 m

  • Installing and Mitigating Linux Rootkits

    Installing and Mitigating Linux Rootkits

    Short Course

    Installing and Mitigating Linux Rootkits

    Security Architecture and Operations

    Understanding the threat posed by rootkits in Linux and poten...

    $59.99

    Advanced

    3 hr 0 m

  • Start Hacking and Making Money Today at HackerOne

    Start Hacking and Making Money Today at HackerOne

    Short Course

    Start Hacking and Making Money Today at HackerOne

    Security Architecture and Operations

    Hack Legally and Get Paid for Your Findings

    $59.99

    Beginner

    1 hr 9 m

  • PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    Short Course

    PowerShell Scripting Essentials: Anatomy of Logging – Developi...

    Security Architecture and Operations

    How to write a PowerShell module that contains functions to d...

    $69.99

    Intermediate

    6 hr 1 m

  • Machine Learning for Application in Digital Forensics

    Machine Learning for Application in Digital Forensics

    Short Course

    Machine Learning for Application in Digital Forensics

    Security Architecture and Operations

    Unlocking the Potential of Machine Learning: From Theory to P...

    $99.99

    Intermediate

    4 hr 0 m

  • Applied Python Cryptography

    Applied Python Cryptography

    Short Course

    Applied Python Cryptography

    Security Architecture and Operations

    Securing your Python code and protecting your users private i...

    $79.99

    Intermediate

    4 hr 0 m

1 8