Orchestration and Automation of Security Operations
- Duration: 3 days
- Course delivery: Online/Cyber Quarter, Hereford
- Course code: CQOASE
- Cost: £2,150 + VAT
Registration Form
Training course outline
Existing solutions in proactive network defence often rely on monitoring solutions that generate alerts and respond based on pre-defined parameters that validate the presence of active threats. Organisations use these solutions to protect from known or unknown attacks and mitigate the impact of vulnerabilities exploited locally or remotely. The plethora of these solutions and interoperability issues between them causes integration challenges within existing security operations centres (SoCs). Security orchestration solutions promise to deliver better threat analysis and active response to security incidents. This course introduces security orchestration principles, tools, and techniques to automate the identification of suspicious activities to ensure seamless integration of security solutions in modern security operation centres.
What will I learn?
- Understand the processes that govern planning, automation, integration, and coordination of security activities in response to security incidents
Who should attend this training course?
The Orchestration and Automation of Security Operations course is suitable for those who work or seek a career as information security analysts and SoC/VSoC operators or anyone with a strong technical interest in automating security operations using analytics. There are no previous learning requirements.
What does this training course cover?
- SoC and VSoC Fundamentals
- Firewall, Intrusion Detection Systems and Instruction Prevention Systems (IDS/IPS)
- Security Information and Events Management (SIEM)
- Composition and Architectures for Threat-based Cyber Assessments
- Cyber Threat Analytics
- Big Data Architectures and Deployments
- Privacy Enhancement Technologies and Anonymity Relay Network Traffic
- Cyber Assessment Methodologies and Mission-sensitive Systems
- Security Monitoring and Management Frameworks
- Security Orchestration Solutions, Tools and Techniques
- Event-driven Service-oriented Architectures for Security Operations
- Network Function Virtualisation Technologies
- Automated Event Management Systems
- Security Event Correlation Techniques
- Attack Analysis and Emulation Tools
- Execution Environments and Security Automation Strategies
- Baselines for Human Intervention (planning, decision-making)
What’s included in this course?
- Lunch and refreshments
- Free onsite parking
- Access to full course materials (digital copy PDF)
- A certificate of course completion
How can I further my knowledge?
For additional training modules and more details please contact cyberqtr@wlv.ac.uk