ArcSight Bootcamp (If you already done ACIA and ACSA, you can go directly to the week 3 & 4 ):
Week 1
· ArcSight Certified Integrator/Administrator material (ACIA)
· ESM installation troubleshooting exercise
Week 2
· ArcSight Certified Security Analyst material (ACSA)
· ArcSight Express Installation & Configuration
Week 3
· SmartConnector Deep Dive
· Logger
· Connector Appliance
· Importing zones and assets (Network Model Wizard & Asset Import Connector)
· Customizing console tools
· ESM remote authentication
· Case customization
· Pattern Discovery
· Troubleshooting presentation by ArcSight Support
Week 4
· FlexConnector development
· Modifying stock connectors
· Unobfuscating parsers
· Map files
· Parser overrides
· Compliance Insight Packages (focus on PCI)
And later RSA enVision TechFest 2010, below you can see some of the talks:
Envision Roundtable
Get your questions about enVision answered by Product Management, Engineering and Support.
Mastering the ESI Tool
This not-to-be-missed workshop will present some of the more obscure tools available in ESI. Using the latest hands-on techniques, we will show how these items can be used in the context of building support for an event source.
enVision POC Best Practices and Content Utilization
The session will broach the topic of the best way to work with enVision and then focus on how to do a POC with a keen focus on the Solution Validation Matrix and technically selling. There will additional discussion around troubleshooting, workarounds, resources available, and objection handling.
Enterprise Risk and Control Frameworks and Standards
(Where and how they apply)
COSO, COBIT, ITIL, NIST, ISO… How many times have you heard these frameworks in conversation? What exactly are these? Where do they apply? Who cares about these? How do they fit in with RSA?
Risk-based Authentication is a different approach than traditional authentication where the decision criterion was always true/false. In this session we cover the Risk-Based Authentication customer pitch, discuss the strengths and limitations of this approach and explore the regulatory frameworks and how to fit the Risk-Based approach to standards originally written in the old black-and-white world.
Introduction to the Archer Framework
The Archer SmartSuite Framework is a platform for building on-demand applications and packaging them into solutions to solve business problems. This Framework enables you to choose the most appropriate environment for your applications and to transport them between environments as your needs change. Find out how organizations are leveraging the Framework to build robust GRC solutions
.
Archer - Risk Assessments 101
Archer’s Application Builder feature offers powerful tools and a user-friendly interface for building risk questionnaires with no programming required. You can design questionnaires to assess the risk level for any organizational asset including servers, applications, facilities and even third party vendors. See how questionnaires can be used to solve today’s Governance, Risk and Compliance challenges using Archer’s Application Builder.
Event Explorer Tips and Tricks
You've learned how to get log event data into enVision, now come learn how to extract the intelligence from this data in unique and exciting ways using RSA Event Explorer. This session will go beyond the Standard Chart and Standard Table, and show you how to exploit the power of Event Explorer's graphical capabilities, in addition to other advanced topics.
RSA enVision Most Frequently Generated Field Technical Support Issues(And How To Avoid Them)
This session will cover the most common technical support issues raised by field personnel and ways to troubleshoot or avoid the issue altogether.
This session will focus on high availability solutions using both the enVision ES and LS systems. Real world HA solutions and best practices will be discussed and provided to all attendees in order to help meet redundancy and DR requirements. We will also explore the different storage options.
SIEM summer!
No comments:
Post a Comment