CSN09: Using ArcSight Products to Test and Train Your SOC Watch Standers

Document created by beleslie on Aug 29, 2011. Last modified by beleslie on Jul 8, 2014.
Version 3

Speaker:
Dean Farrington, Information Security Engineer, Wells Fargo
The phrase "Train as you fight, fight as you train" is good doctrine not only for the armed forces but also for computer security incident response teams. This session will discuss a training architecture based on ArcSight ESM and ArcSight Logger that allows SOC operators to be trained with the same toolset they use on a daily basis, and to conduct incident response exercises in a way that lets the team practice using ArcSight technology.

 

Outcomes