The RSA Archer Security Operations Management course provides an overview of the business need for managing security operations and the business impact that SecOps provides. Content includes SecOps functionality for SOC management and incident and data-breach management.
This on-demand learning provides practitioner-level training on the business need for managing security operations and the business impact of the RSA Archer Security Operations Management (SecOps) solution and its basic functionality. Content provides a basic understanding of the challenges of managing IT security operations, and describes how SecOps is positioned to address those challenges. Students will learn about the basic functionality of SecOps – from managing a Security Operations Center (SOC) to managing incident response and data-breach response – and will learn how the SecOps solution enables organizations to manage the entire lifecycle with integrated business context and best practices aligned with industry standards. This course introduces the key personas involved in security operations management, presents typical security operations management workflows, and describes how various roles have full visibility into the entire process lifecycle with focused workflows, dashboards, and reports.
RSA NetWitness SecOps Manager Practitioners.
Archer GRC Solutions Overview and knowledge about the GRC industry.
Upon successful completion of this course, participants should be able to:
- Explain the necessity for and challenges to security operations management.
- Describe the business impact that SecOps provides.
- Identify the purpose, workflow, and typical roles of a security operations center.
- Describe the functionality of the SecOps solution.
- Perform the functional tasks – at a Practitioner level – that are enabled by SecOps.
- Explain how SecOps is used to meet IT Security and Risk Management business requirements.
- Module 1 – Managing Security Operations
  - Importance of managing security operations
  - Function and purpose of a SOC
  - Process of security operations management
  - Key personas in a SOC
- Module 2 – RSA Archer Security Operations Management Solution (SecOps)
  - World-Class SOC program
  - SecOps in action
  - SecOps value
  - SecOps and the SOC lifecycle
  - SOC maturity model
  - Security incident response industry standards
  - SecOps architecture
  - SecOps workflow
- Module 3 – Managing SOC Readiness
  - SOC staff and contacts
  - SOC policies and procedures
  - Policy review
  - Security controls
  - Call trees
- Module 4 – Responding to Incidents
  - Level 1 workflow
  - Level 2 workflow
  - Alerts and incidents
  - Alert aggregation
  - Declared incidents
  - Confidential incidents
- Module 5 – Responding to Data Breaches
  - Data breach workflow
  - Breach response lead and team
- Module 6 – Remediation
  - Remediation workflow
  - Review workflow
  - Exception request workflow
- Module 7 – How SecOps Fits into ITSRM
  - What is ITSRM?
  - How is SecOps used in the ITSRM solution?