This course provides you with the knowledge required to use advanced ArcSight ESM content to find and correlate event information, perform actions such as notifying stakeholders, graphically analyze event data, and report on security incidents. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within ArcSight ESM that provide a significant edge in detecting active attacks.
This course covers ArcSight security problem solving methodology using advanced ESM content to find, track and re-mediate security incidents. During the training, you will use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event.
The certification consists of a hands-on exam the last day of the class.
Audience Summary
Security Analysts
Delivery Type
Virtual Instructor Led Training with exam
Course Length
5 days
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox