certified elastic security engineer
Certified Elastic security engineer training is focused on vast implementation and administration of ELK in the organisations of all sizes .
With the growing number of laptops, desktops and mobile devices in the enterprise, sophisticated cybercriminals have even more open doors to your networks, systems and data. From these entry points, they often proceed deep and unnoticed.
With the Certified Elastic security engineer a security engineer can detect and responds to threats with complete root-cause . The Powerful Elastic SIEM can identify the Critical threats and prevent the business from insider running threats .
Candidates will learn how to leverage Elastic SIEM to drive your security operations and threat hunting. This course is designed for security analysts and engineers who have used multiple SIEMs or are familiar with SIEM concepts.
The goal of this course is to provide a detailed knowledge on how to build a effective SIEM from the ground zero level using the Elastic Stack. Throughout the course, students will learn about log collection methodologies and integration . We will cover endpoint agent selection, logging formats, parsing, enrichment, storage, and alerting etc .
We will combine All of the SIEM components to make a flexible, high-performance SIEM solution.
This approach will empower the elastic engineers and analysts to understand the complete system, make the best use of technology purchases, and supplement current underperforming deployments. Also This process allows organizations to save money on professional services, increase the efficiency of internal employment, and develop a nimbler solution than many existing deployments .
We have a dedicated section on hunting the anomalies in the infrastructure using advanced query search methodologies and hunting the advanced persistent threat activities with ELK-kibana. The candiate will work on both network layer and application layer to hunt the APT in the simulated environment .
detailed syllabus
MDR and Elastic search foundations
Need of MDR in the business , Principles of MDR methodologies, MDR vs Traditional SIEM solutions .MITRE framework for SOC teams, how to map MITRE framework within SIEM .SOC2 compliance, Pyramid of pain and Cyber kill chain for defenders
Detailed Understanding of Elastic Architecture ,cluster creation with cerebro, fundamentals of curator, Index template for routing , mapping , Data Retention and Optimisation for a production ready elasticsearch will be practised live .
beats and kibana primer
Populate the SIEM app with hosts and network security events using beats. Understand how Elastic Common Schema (ECS) enables SIEM to work with custom and third-party data sources supported by Beats
Configuration of Kibana, AAA policies of Kibana, visualisation of data and maintain the dashboards along with Elasticsearch.
Perform graph analytics, employ machine learning for threat hunting, and alerts for automation will be covered in this module.
ELK log parsing , IDS and Network Investigations
Understanding the Log architecture, Traditional Parsing, Modern phrasing, Dual stack SIEM and alerting engine for elasticsearch
Network traffic investigation with Fine-grained packet sorting, Berkeley Packet Filters, messaging queue and Google Stenographer for further analysis .
How to employ an IDS to support hunt operations. we will explore signature writing, Suricata vs. Snort, and IDS dashboards within Kibana.
elastic search zeek for defenders
Candidate will practice multiple ways to setup Zeek (formerly Bro) ,Zeek data flow, Zeek logging, Zeek file types, and Zeek protocol analysis.
Exploring Zeek for threat hunting with uses cases . Hands-on Zeek scripting, Zeek Event Engine, Intel Framework, and the Files Framework for defenders.
CAPES for Elastic engineers
CAPES Foundations for defenders , candidate will explore how to perform IR management with CAPES . Exploring the multiple capabilities of CAPES including communication, documentation, VoIP, collaborative workspaces, indicator enrichment, data analysis, and data visualization. This whole module is designed to enhance the engineer existing skills with CAPES technology stack and speed-up workflow .
Elastic search endgame for engineers
Installation and configuration of Elastic Endgame for detection.Understand alert management and whitelisting techniques. Explore IOC search using Endgame.
who should attend this training?
- Freshers
- Ethical hackers
- System Administrators
- Network Administrators
- Engineers
- Web admins
- Auditors
- Security Professionals
why should i take this training?
Multiple organizations seeking Elastic Engineers to enhance the existing cyber security defensive capabilities, configure and implement Elastic Search SIEM for your organization
prerequisite of the training ?
The person should familiar with basic computer operations
What is duration of the training ?
Its an Instructor-led online training and the total duration of the training is 45 hours.
TESTIMONIALS
What People Are Saying
Today I've completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
5 start training. Naresh is the best. He made me Zero to Hero in 3 months time. Little bit expensive compare to others ,but totally worth it .
We're Here To Help!
Office
3500 , 1st Floor , Raja Park , New Delhi -110034
Hours
M-S: 10am - 11pm