Workshop Title: Intro SIEM, Data, and Splunk
Date/Time: 12p - 6p PST
This is a hands-on workshop where you will put into practice those things you may have read about or covered in a class. This is also a great opportunity to meet other like-minded women and to keep your skills fresh if you're a veteran! You will also earn continuing education credits towards your certification renewal.
Level 100 courses are designed for students with little to no previous IT Security experience, or no experience in the topic(s) being covered. These courses are meant to be introductory level, or provide the training for entry level certifications.
Level 200 courses are designed for students with some security experience, looking to advance or learn in new topics.
Level 300 courses are designed to offer expert level courses and training on specific topics. Typically, a general understanding and knowledge of the topic being presented is an expected prerequisite.
No one is excluded from attending a course at a level higher than their current experience. However, the course will move at the pace designed for the level of the course.
Where do I fit? See full description here
This hands-on workshop will introduce the purpose of a Security Information and Event Management (SIEM) system, logging design, installation of Splunk, data normalization, Splunk Search Processing Language (SPL) basics and tips, and methodology and development of alerts and monitoring.
You will have the opportunity to develop alerts and dashboards for security monitoring.
This workshop will be moderately technical with real-life cybersecurity use-cases and analysis.
Objectives – What You Will Leave Knowing
• Logging architecture and design philosophy
• Splunk installation and configuration
• Data normalization practices
• Alert and monitoring development methodology
• Splunk SPL and dashboard development
• Resources for further development and skills
Mary is a SIEM engineer and has worked for industry leaders in gaming and entertainment. She has had the opportunity to work with innovators and leaders in the Security Operations space using dominant market technology. Mary holds a Bachelor’s degree in Computer Information Systems and numerous certifications from SANS, ISC2, Cisco, and others. Additionally, Mary is active in her local Los Angeles cyber security community through WSC, DC310, ISSA, and other meetups.
Prerequisites – What You’re Expected to Know
• Basic knowledge of technology
• An understanding of security concepts
• Familiarity with basic Linux command line
• Virtualization software
• Regex is helpful in general but may be out of scope for this course
12-1: Set-up, introductions, and lunch
(Please note that this will be active workshop time - if you have not completed set-up it will be challenging to follow.)
5-6: Wrap-up, Q&A
• Windows or Mac computer with administrative access
• Virtualization software such as VMware Player or VirtualBox
• Virtual machine; the OS should be different from your host system
For example, if your host machine is Windows, create a Linux virtual machine, preferably Ubuntu, but any distro is fine. You can download from the web or the Google Drive link (available once registered).
If your host machine is Linux or Mac, create a virtual machine using Windows. There are trial operating systems that will work. You can download from the web or the Google Drive link (available once registered).
Remote and Male Associate Member Participation:
Once registered, you'll receive the meeting participation info by email the day before the workshop. Expect to join 15-30 minutes before the start to test your technical configurations. It’s recommended that you have a 2nd monitor to view the screen-sharing.
Full/Student/Military Member: $120
Associate Member and Remote Attendee: $45
Long Beach City College
1305 E Pacific Coast Hwy (Pacific Coast Campus)
Long Beach, California 90806
WE ONLY HAVE ROOM FOR 20 ONSITE, SO REGISTER EARLY!