Bundle Description

This bundle comprises of five Titan Labs courses consolidated into one to provide students with a comprehensive overview of the ArcSight Ecosystem. The tools covered in this course are ArcSight’s ESM, Management Center, Logger, SmartConnectors, and FlexConnectors. By the end of the course, students will be competent in onboarding events, creating content, troubleshooting unparsed events, and upgrading components.

Included Courses

1. TITAN-ARC-001: Introduction to Protective Monitoring & SIEM

   • Protective Monitoring in SIEM

   • Creation and Implementation of Use Cases

   • Overview of the ArcSight Components within the ArcSight Ecosystem

2. TITAN-ARC-002: Onboarding New Event Sources

   • Identifying Event sources

   • Installing & Configuring the Connector

   • Configuring Connector Properties

   • Defining Event Collection & Establishing Connectivity

   • Testing, Validating, Monitoring, & Managing

3. TITAN-ARC-003: Creating Content

   • ArcSight ESM Content Creating

   • ArcSight Logger Search Best Practice

4. TITAN-ARC-004: Troubleshooting Unparsed Events

   • SmartConnectors & FlexConnectors

   • FlexConnector Development

   • FlexConnector Components

   • FlexConnector Development Tools

   • Advanced Operations and Regex

5. TITAN-ARC-005: Upgrading Components

   • Upgrading ArcSight ESM

   • Upgrading ArcSight Logger

   • Upgrading ArcSight Management Center

   • Upgrading SmartConnectors

Intended Audience

This course is designed for Security Professionals and SOC Administrators, who are responsible for deploying and administrating the ArcSight product suite within their environment.

Recommended Skills

• Familiarity working with command line tools

• Experience deploying applications in Windows and Linux environments

• Working knowledge of enterprise security, event, and log management