Elastic Alerting for Cybersecurity
The best security systems need to cast a wide net, and then know what’s a valid threat and what’s background noise. And they need to do all that without oversight, allowing administrators to focus their time on the valid threats. In this course, you will learn how to use Elastic Stack alerting functionality to hunt down threats based on custom queries and thresholds, and automatically notify users when there’s a problem. You will explore useful cybersecurity alerts that you can set up in order to enhance your security monitoring capabilities. You will also learn about how to create alerts based on Elastic machine learning anomaly detection. After completing this course, you will be able to use the Elastic Stack to hunt threats more effectively and efficiently.
- Introduction to Cybersecurity
- Introduction to Elastic Stack Alerting
- Configuring Cybersecurity Alerts
- Incorporating Machine Learning into Alerting
This course is a module of the Security Analytics specialization. Find out how our focused Training Specializations can help you with your use case.
Security Analysts, SOC Managers, Security Practitioners, Information Security Consultants, System Administrators
Virtual Classroom - 1 Day | 2-3 hours
- We recommend you have taken Kibana Data Analysis and Elasticsearch Engineer I or possess equivalent knowledge.
- General familiarity around security log data
- Basic networking knowledge
- Basic experience with Elastic machine learning
- Stable internet connection
- Mac, Linux, or Windows
- Latest version of Chrome or Firefox (Safari is not 100% supported)
Upcoming Classes — Elastic Alerting for Cybersecurity
It was awesome. Both instructors are great speakers. They have a wide and deep knowledge about the topic, and they know how to pass it on. They are infecting with their enthusiasm.