RSA Security Operations Management (SecOps) Essentials

Document created by Elizabeth Maloney Employee on Oct 18, 2016Last modified by Connor Mccarthy on Nov 29, 2017
Version 6Show Document
  • View in full screen mode

Register Now

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

 

Summary

The RSA Archer Security Operations Management provides an overview of the business need for managing security operations and the business impact that SecOps provides. Content includes SecOps functionality for SOC management and incident and data-breach
management.

 

Overview
This on-demand learning provides practitioner-level training on the business need for managing security operations and the business impact of the RSA Archer Security Operations Management (SecOps) solution and its basic functionality. Content provides a basic understanding of the challenges of managing IT security operations, and describes how SecOps is positioned to address those challenges. Students will learn about the basic functionality of SecOps – from managing a Security Operations Center (SOC) to managing incident response and data-breach response – and will learn how the SecOps solution enables organizations to manage the entire lifecycle with integrated business context and best practices aligned with industry standards. This course introduces the key personas involved in security operations management, as well as presenting typical security operations management workflows and describes how various roles have full visibility into the entire process lifecycle with focused workflows, dashboards, and reports.


Audience
RSA Archer Security Operations Management Practitioners.


Delivery Type
On-Demand Learning


Duration
90 minutes


Prerequisite Knowledge/Skills
Archer GRC Solutions Overview and knowledge about the GRC industry.

 

Learning Objectives
Upon successful completion of this course, participants should be able to:

  • Explain the necessity for and challenges to security operations management
  • Describe the business impact that SecOps provides.
  • Identify the purpose of, workflow, and typical roles in a security operations center.
  • Describe the functionality of the SecOps solution.
  • Perform the functional tasks – at a Practitioner level – that are enabled by SecOps.
  • Explain how SecOps is used to meet IT Security and Risk Management business requirements.

 

Course Outline

  • Module 1 – Managing Security Operations
    • Importance of managing security operations
    • Function and purpose of a SOC
    • Process of security operations management
    • Key personas in a SOC

 

  • Module 2 – RSA Archer Security Operations Management Solution (SecOps)
    • World-Class SOC program
    • SecOps in action
    • SecOps value
    • SecOps and the SOC lifecycle
    • SOC maturity model
    • Security incident response industry standards
    • SecOps architecture
    • SecOps workflow

 

  • Module 3 – Managing SOC Readiness
    • SOC staff and contacts
    • SOC policies and procedures
    • Policy review
    • Security controls
    • Call trees

 

  • Module 4 – Responding to Incidents
    • Level 1 workflow
    • Level 2 workflow
    • Alerts and incidents
    • Alert aggregation
    • Declared incidents
    • Confidential incidents

 

  • Module 5 – Responding to Data Breaches
    • Data breach workflow
    • Breach response lead and team

 

  • Module 6 – Remediation
    • Remediation workflow
    • Review workflow
    • Exception request workflow

 

  • Module 7 – How SecOps Fits into ITSRM
    • What is ITSRM?
    • How is SecOps used in the ITSRM solution

Register Now

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Attachments

    Outcomes