Splunk Enterprise Security (SIEM)

Unlock your potential to excel in SOC Analyst interviews by mastering the art of Splunk Enterprise Security (SIEM) and incident response in just 7 days.

This comprehensive live bootcamp is your gateway to understanding real-world security monitoring, incident investigation, and advanced threat detection. With hands-on training in correlation searches, the investigation workbench, incident response, and integrating threat intelligence, you'll gain the skills and confidence to tackle any challenge.

Finish strong with expert-led mock interviews and certification, ensuring you're interview-ready and equipped to make a lasting impact in any SOC environment.

Roadmap:

Unit 1: Introduction to Splunk Enterprise Security (ES)

  • Overview of Splunk Enterprise Security (ES) and its role in a SOC

  • Navigating the Splunk ES dashboard

  • Understanding and customizing ES user roles

  • Introduction to key ES concepts: Notables, Correlation Searches, and Risk Scores

  • Hands-on: Basic ES dashboard navigation and customization


Unit 2: Security Monitoring and Incident Investigation

  • Introduction to Security Monitoring and Incident Investigation

  • Understanding Incident Investigation Workflow

  • Analyzing and Responding to Security Events in Splunk ES

  • Investigating and Managing Notables in Splunk ES

  • Hands-on: Investigating and Responding to a Security Incident


Unit 3: Understanding Correlation Searches and Tuning Notables

  • Introduction to Correlation Searches in Splunk ES

  • Creating, Managing, and Tuning Correlation Searches

  • Configuring and Tuning Notables for Accurate Alerting

  • Understanding and Implementing Adaptive Response Actions

  • Hands-on: Creating and Tuning Correlation Searches


Unit 4: Splunk ES Investigation Workbench

  • Introduction to the Investigation Workbench in Splunk ES

  • Creating and Managing Investigations

  • Linking Notables and Artifacts to Investigations

  • Collaborating on Investigations Using the Workbench

  • Hands-on: Using the Investigation Workbench for Case Management


Unit 5: Threat Intelligence and Integration

  • Introduction to Threat Intelligence in Splunk ES

  • Integrating Threat Intelligence Feeds with Splunk ES

  • Utilizing Threat Intelligence for Enriched Incident Response

  • Analyzing and Responding to Threat Intelligence Alerts

  • Hands-on: Integrating and Using Threat Intelligence in Investigations


Unit 6: Advanced Incident Response in Splunk ES

  • Advanced Incident Response Techniques Using Splunk ES

  • Correlating Security Events with Threat Intelligence

  • Prioritizing and Escalating Incidents Based on Risk Scores

  • Hands-on: End-to-End Incident Response with Splunk ES


Unit 7: Reporting and Certification

  • Creating Incident Reports in Splunk ES

  • Presenting Investigation Findings to Stakeholders

  • Best Practices for Report Writing in a SOC Environment

  • Mock Interviews and Review of Key Concepts

  • Certification Test & Bootcamp Completion Ceremony

3-Week Live Bootcamp / SOC Shift Training

Start Date:

Monday, January 13, 2025

End Date:

January 27, 2025

Time:

6:30-9:30 PM ET

100% Money-Back Guarantee!

Program Tuition:

$600