Free SIEM Trainings 2025
SIEM (Security Information and Event Management) is important in a Security Operations Center (SOC) because it enables the SOC team to effectively monitor, detect, and respond to security threats.
A SIEM solution aggregates data from multiple sources and uses data analytics to identify potential security incidents, allowing SOC analysts to focus their efforts on the most critical events.
To help you explore the world of SIEM, I've put together a list of valuable learning resources.
✅General
📎Windows Logging Basics - https://lnkd.in/grKYFQzJ
📎Jose Bravo - What is a SIEM? (5 Videos): https://lnkd.in/gc2UDpeD
📎PowerSIEM Analyzing Sysmon Events with PowerShell: https://lnkd.in/g_8Eq8vm
✅QRadar
📎Jose Bravo - QRadar (38 Videos): https://lnkd.in/gd7V_4pe
📎QRadar 101 - https://lnkd.in/esbz2RjK
📎QRadar SIEM Foundation: https://lnkd.in/es8NAdAw
📎Ariel Query Language Guide: https://lnkd.in/eAMKy25q
✅Splunk
📎Course Catalog - https://lnkd.in/ekm6RekE
📎Basic Searching: https://lnkd.in/gygnTMfD
📎Practical Splunk - Zero to Hero: https://lnkd.in/ePF_3PWj
📎Splunk Use Cases - https://lnkd.in/eJ4CTNV2
📎Exploring Splunk: https://lnkd.in/e8gVvMuu
✅Microsoft Sentinel
📎What is Microsoft Sentinel: https://lnkd.in/gdB7dAdU
📎Microsoft Sentinel Level 400 training: https://lnkd.in/ezDkpWmx
📎SOC 101: https://lnkd.in/evnF6kNm
✅FortiSIEM: https://lnkd.in/e5TvYZYt
✅AlienVault OSSIM
📎Cybrary - AlienVault OSSIM: https://lnkd.in/gRZAansT
✅Elastic - SIEM
📎Fundamentals: https://lnkd.in/gYNYs9vS
📎Manual: https://lnkd.in/dTVwgSbH
✅ArcSight (2 video series/playlists)
📎Paul Brettle - What is Series: https://lnkd.in/gh5ruPZt
📎Paul Brettle - ArcSight ESM 101: https://lnkd.in/gS33AJdk
📎ArcSight Tutorial: https://lnkd.in/guEydy_U
✅SureLogSIEM Training
📎Training (English): https://lnkd.in/eAnAYDWJ
📎Training (Turkish): https://lnkd.in/e9VgJFHa
📎Training PDF: https://lnkd.in/eXYFmqqV
📎User Guide PDF: https://lnkd.in/e4HqkexW
✅LogSign
📎Training: https://lnkd.in/eXnjymv6
Source: https://lnkd.in/gvgy8aUc
Credit: Harun Seker, CISSP