Role-based, instructor-led IT security training
Huntsman Security provides you with comprehensive, interactive instructor-led training programs for Huntsman, comprising formal lectures, class discussions and practical exercises. This format ensures that, whether you’re an administrator or business user, you’ll gain a practical understanding of how to use Huntsman in your environment.
Huntsman User Course
Course duration: 1 day
This hands-on course is designed for analysts and users whose role is monitoring and investigating security events in a SOC/NOC/SAC environment. Course participants will learn about Huntsman technology, its capabilities and how to:
- Use Huntsman to monitor and interpret security information
- Conduct detailed drilldown of data for forensic analysis and audit
- Create and track security incidents
- Present data visually in a variety of forms
- Generate and schedule reports in support of investigations.
Huntsman Certification Course for Administrators
Course duration: 3.5 days
This targeted course is for technical personnel whose role is systems administration of Huntsman. In addition to an overview of IT security principles and Huntsman architecture, this detailed program covers installation, configuration and use of Huntsman, and troubleshooting.
Course participants will learn how to:
- Deploy the Huntsman system
- Configure access based on roles and integration with external authentication systems
- Add Huntsman agents and import new data sources
- Manage stored data and configure archiving policies
- Configure both rule-based and anomaly-based alerting
- Apply Huntsman® best practice and perform general troubleshooting.
Huntsman Advanced Administrator
Course duration: 2 days
This course is for Huntsman Certified Administrators with a minimum of two months' on-the-job (OTJ) experience of running Huntsman. It’s designed to impart advanced skills that ensure administrators and their staff achieve the very best from their Huntsman deployment.
Course participants will learn about:
- Advanced Huntsman design and configuration, including Zone Collector, Zone Decider and Multi-Decider deployments
- Advanced alerting, including alerting chains and the use of external sources for alert contextualisation
- Integration of complex data sources including the use of the unstructured parser and regular expressions
- Diagnostic and troubleshooting labs.