Cybersecurity with Metron
This 5-day course provides a comprehensive introduction to the capabilities of Metron. The student will begin by installing Metron. After learning Metron’s domain-specific languages (DSLs), the Stellar Query and the Stellar Transformation Language, the student will create security telemetries, create enrichments, work with pluggable threat intelligence, and understand the process of threat triage. The course concludes with the student doing streaming enrichment and dashboarding with Kibana.
Course Outline
- Day 1: Metron Installation, Overview, Architecture
- Day 2: Creating a New Telemetry
- Day 3: Creating a New Enrichment and Pluggable Threat Intelligence
- Day 4: Threat Triage
- Day 5: Streaming Enrichment and Dashboarding with Kibana
Target Audience
Individuals who want to understand the capabilities of Metron.
Prerequisites
An experiential or academic understanding of the need for centralizing the use and monitoring of capabilities provided by cybersecurity tools such as pcap, NetFlow, Bro, Snort, FireEye, and Sourcefire. The student should understand how software services can combine security information management (SIM) and security event management (SEM). The student should have an understanding of services that provide real-time analysis of security alerts generated by applications and network hardware-based operating system and command-line scripts.