Course

Using Data

In this course we introduce Use Cases which are a framework designed to take a detection based capability from concept to reality. We then proceed to follow the process for an example Use Case Detection.

Syllabus

Use Cases

Video — 00:17:14

In this video we introduce a new concept that is used to drive new detection capabilities.

Searching for Data

Video — 00:18:39

In this video we cover using the SIEM to search for data to meet our use case examples.

Building Dashboards

Video — 00:12:41

In this video we build a dashboard to visualize the data to meet our use case example.

Filtering Noise

Video — 00:18:19

In this video we create processing rules to remove unwanted search results to narrow our focus to data meeting our use case requirements.

Creating Reports

Video — 00:09:35

In this video we create a dashboard to be used for generating an automated report.

Alarms

Video — 00:16:15

In this video we create an alarm to trigger once our criterion is met and provide us with the data we require for investigation.

Questions and Answers

Video — 00:09:48

A question and answer section built to test your knowledge.

Meet the author

Ryan Fitzpatrick has been working in IT for 14 years. He spent the first four years bouncing between help desk, systems administration and network administration for small businesses where he played around with every piece of technology he could get his hands on before landing on supporting SIEM. He was intrigued by data analytics and the automation potential SIEM brought to organizations.

Armed with natural curiosity, a wide scope of technological understanding and a childhood full of scripting, he found himself in a rewarding career where he could continue to learn, develop and automate. So far he’s helped ingest and analyze data from over 500,000 endpoints worldwide and trained two teams of analysts and engineers to perform security operations.

In his free time, Ryan enjoys video games, practicing jiu-jitsu and teaching himself new skills in IT. His latest interest has been in developing automation servers with Django, and he is successfully managing the health and status of a 60-node SIEM cluster designed to handle data from 60,000 data sources.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • Cyber Operator
  • Law Enforcement / Counterintelligence Forensics Analyst
  • Cyber Defense Forensics Analyst

You're in good company

CY

We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus

DS

This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson

IS

We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training that you can trust

Comprehensive Cybersecurity Training - Infosec Skills
Cybersecurity Education and Training Gold Award - Infosec IQ
Top Rated Award - Infosec Skills
Technical Skills Development - Small Business, Mid-Market
Top 20 Online Learning Library