Enterprise Security Products Training Plan Guide

Transcription

1 - Enterprise Security Products Training Plan Guide

2 Copyright 2016 Hewlett Packard Enterprise. All rights reserved. Published by Hewlett Packard Enterprise Hewlett Packard Enterprise. The information contained herein is subject to change without notice. The only warranties for HPE products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HPE shall not be liable for technical or editorial errors or omissions contained herein. Trademark acknowledgements if needed. First printing, January 2015 Last Updated: June 16, 2016

3 Contents 1 Enterprise Security Products A Proactive Approach to Information Security The Enterprise Security Landscape The Best Defense Is a Good Offense Security Products Security Services Security Research ExpertOne Certifications for HPE Software Industry Recognized Certifications Latest Course Information Hewlett Packard Enterprise Software Education Control Protecting your Investment Time to Market Return on Investment Getting Ahead of the Game Training Delivery Options Instructor Led Training (ILT) Virtual Instructor Led Training (VILT) elearning Self-Study Customized Training

4 4 Our Instructors Make It Interesting Make It Relevant ESP Learning Solutions Hewlett Packard Enterprise ArcSight Benefits Hewlett Packard Enterprise ArcSight Learning Solutions Hewlett Packard Enterprise ArcSight Learning Path HPE ArcSight Certification Path Hewlett Packard Enterprise ArcSight ESM Courses HPE ArcSight Security Solutions ATP HPE ArcSight ESM 6.5 Administrator and Analyst ATP HPE ArcSight ESM 6.5 Advanced Analyst ASE HPE ArcSight ESM 6.5 Advanced Administrator ASE Building Security Use Cases with HPE ArcSight ESM Creating Advanced ESM Content for Security Use Cases HPE ArcSight ESM Operations Introduction to HPE ArcSight Event Management HPE ArcSight Logger Courses HPE ArcSight Logger+ 6.0 Administration and Operations ASE HPE ArcSight Logger Administration and Operations HPE ArcSight Logger Search and Reporting HPE ArcSight Connectors and Connector Appliance Courses HPE ArcSight SmartConnector Foundations and Tool Kits HPE ArcSight FlexConnector Configuration HPE ArcSight Connector Appliance Administration and Operations HPE ArcSight Express Courses HPE ArcSight Express 4.0, CORR-Engine Administration and Operations HPE ArcSight Management Center Course HPE ArcSight Management Center Administration and Operations HPE ArcSight Courses - Complete HPE ArcSight Solution HPE ArcSight MASE Preparation Course HPE Fortify HPE Fortify Introduction HP Forify Benefits HPE Fortify Learning Solutions HPE Fortify Certification Path HPE Fortify Security Solutions ATP Dynamic Application Testing with HPE WebInspect Using and Administering HPE WebInspect Enterprise Developing with HPE Fortify Application Security HPE Fortify Software Security Center/Static Code Analyzer Working with HPE Fortify SCA, Audit Work Bench, and SSC Fortify for Developers Using Plugins

5 PCI Essentials Advanced Software Security Testing - Tools and Techniques Information Security and Privacy Awareness Introduction to Secure Coding in Java Introduction to Secure Coding in.net Introduction to Secure Coding in C/C Introduction to Secure Coding in PHP Introduction to Security Testing Principles C/C++ Developer Curriculum NET Developer Curriculum Java Developer Curriculum Mobile Developer Curriculum PHP Developer Curriculum Architect Curriculum Manager Curriculum HPE Atalla HPE Atalla Introduction HPE Atalla Benefits HPE Atalla Learning Solutions HPE Enterprise Secure Key Manager (ESKM) Training HPE Atalla Network Security Processor (NSP) Training HPE SecureData (Voltage) HPE SecureData (Voltage) Introduction HPE SecureData Voltage Benefits HPE SecureData Voltage Learning Solutions Introduction to HPE SecureData HPE Voltage SecureData Solutions Training Contact Us Index

6 Trained users require 6x less support than untrained users.

7 1. Enterprise Security Products From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. Hewlett Packard Enterprise Enterprise Security Products (ESP) is our answer to these threats and attacks. 1.1 A Proactive Approach to Information Security Hewlett Packard Enterprise ESP products and services help organizations meet the security demands of a rapidly changing and more dangerous world. ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis, and network-level defense mechanisms unifying the components of a complete security program and reducing risk across your enterprise. 1.2 The Enterprise Security Landscape Hewlett Packard Enterprise is changing the enterprise security landscape with advanced security solutions that uniquely leverage leading threat research and powerful correlation of security events and vulnerabilities to deliver security intelligence spanning IT operations, applications, and infrastructure. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 7 of 59

8 8 Chapter 1: Enterprise Security Products Hewlett Packard Enterprise s comprehensive approach has you covered: we disrupt your adversaries, manage your risk, and extend your capabilities. This strengthens your security posture to minimize incidence impact and control costs while expanding insight for better decisions. 1.3 The Best Defense Is a Good Offense When today s IT is faced with sophisticated threats, it s essential to have the right security solutions to protect your business. With an army of experts and arsenal of products, we work proactively across technologies to keep your data safe. Hewlett Packard Enterprise draws on decades of security experience to take the fight to adversaries before they attack. We can help you predict and disrupt threats, manage risk and compliance, and extend your own security team. 1.4 Security Products Take a proactive approach to security that integrates security information and event management (SIEM), application analysis, and network-level defense. 1.5 Security Services Implement a strategy to mitigate risk and avoid costly penalties for non-compliance. Hewlett Packard Enterprise can detect intrusions within 12 minutes of arrival and resolve 92% of major incidents within 2 hours of identification. And we provide tools, teams, and processes to comply with PCI, SOX, HIPAA, and EU Data. 1.6 Security Research Hewlett Packard Enterprise conducts innovative research and provides industry-leading protection against the latest threats. Security research publications and regular threat briefings include regular updates on the latest threats, Zero-Day initiatives, and application vulnerabilities. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 8 of 59

9 1.7 ExpertOne Certifications for HPE Software ExpertOne Certifications for HPE Software HPE ExpertOne certification puts you on the path to career enhancement and greater success in your chosen profession. Take advantage of a full suite of progressive benefits while increasing your knowledge, effectiveness and marketability. Register now to become an ExpertOne community member. Take your first step toward getting the benefits of HPE ExpertOne! You will gain access to technology tools such as whitepapers, videos, and social media events, and receive your HPE Learner ID. Jump on the path to realizing the many benefits of membership in the ExpertOne community. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 9 of 59

10 10 Chapter 1: Enterprise Security Products Industry Recognized Certifications HPE Certifications on the map in 2014 CIO Magazine 18 Hot IT Certifications for 2014 tom sit PRO Best Big Data Certifications for 2014 tom sit PRO Best Enterprise Architect Certifications for 2014 tom sit PRO 40+ Most Popular Networking Credentials TechTarget Top Cloud Computing Certifications to consider Brandon Hall 2014 Silver Best in Certification Award Winner 1.8 Latest Course Information For the latest course information, please refer to the details presented on the HPE Software Education Learning Management System. Please click the link below to be directed to this site: HPE Software Education Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 10 of 59

11 2. Hewlett Packard Enterprise Software Education The mission of the HPE Software Education organization is to deliver the best possible Enterprise Security Products learning experience. With a global team of experienced trainers, and subject matter experts, our business offers you well-designed training courses across the entire range of Information Management solutions. We educate you, support you, and put you in control of your investment to ensure real-world success. 2.1 Control Enterprise Software drives your business forward by automating processes and increasing efficiencies. Your cutting-edge investment requires end users who know how to get the most out of the technology. Meanwhile, your technical staff must learn how to configure, optimize, maintain, and administer the technology. Training addresses the needs of both of these users, giving them the knowledge to take control. 2.2 Protecting your Investment It s one thing to buy a plane, but quite another to fly it! You ve made the right decision to invest in HPE Software technologies. Now is the time to invest in your team, to train them on the solution and equip Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 11 of 59

12 12 Chapter 2: Hewlett Packard Enterprise Software Education them with the knowledge to get the best out of the technology. Learning from the professionals ensures that you are protecting that investment. As a result, your team will navigate and fly in the right direction. 2.3 Time to Market Enabling your team means your project will run more smoothly and efficiently and reach completion in shorter time frames. Our education services reinforce formal classroom instruction with extensive hands-on practical experience. The majority of the classes are in a workshop environment that challenges the trainee, aids them during the learning process, and accelerates the knowledge transfer. The earlier your team gains expertise, the more successful your project will be. Analyst reports suggest that 75% of managers believe effective training will increases the chances of a project meeting its deadlines. Furthermore, 80% of IT managers believe effective training is critical to the success of a project. 2.4 Return on Investment Cost is always a key consideration; education offers a way to lower the total cost of ownership. Our education courses present your team members with best practices in design, deployment, and administration of your HPE Software solutions. This translates into decreased technical support costs, lower ongoing administrative overhead, and the ability to work more effectively with our Consulting Services. Effective learning also leads to lower hardware costs with better-configured systems, decreased network load, and increased return on investment for integrated third-party applications. Thus, our training results in a return on multiple levels. 2.5 Getting Ahead of the Game The learning curve never stops, so if you want to lead the market with cutting-edge, world-class solutions you need to give your team the training they need to keep you competitive. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 12 of 59

13 3. Training Delivery Options Hewlett Packard Enterprise Software Education wants your Enterprise Security Products training delivered in the environment best suited to your needs. 3.1 Instructor Led Training (ILT) HPE Software Education operates instructor-led training sessions in facilities around the globe. Each course is designed to provide students with hands-on experience and is lab-based to keep learning practical. The class experience offers students the opportunity to personally interact with one of our certified instructors who has extensive experience and industry knowledge. We have a range of courses designed to accommodate both beginner and advanced students. To ensure that adequate attention is provided to each student attending an instructor-led class, HPE Software Education maintains class sizes between six to twelve participants. HPE Software Education also provides Instructor-Led on-site training and this is most convenient when your team members are located in the same region. As long as the host provides adequate on-site training facilities, HPE Software Education will send one of our instructors to your chosen site to conduct the training. We then deliver standard or customized training that addresses your unique business needs. Please note that the maximum class size for on-site training is limited to 12 students to ensure that adequate individual attention is provided. The benefits of on-site training are identical to VILT training with the added benefit of receiving face-to-face training in your domain. 3.2 Virtual Instructor Led Training (VILT) Virtual Instructor Led Training (VILT) classes are a good alternative to sending your staff to a public training course. This option reduces travel and expense costs in the event your staff are geographically Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 13 of 59

14 14 Chapter 3: Training Delivery Options dispersed. Furthermore, VILT saves valuable time by permitting the student to stay in the office during the training sessions. VILT are live, instructor-led sessions. Students connect to the virtual classroom using their own computer, telephone, or Internet connection. VILT instructors facilitate live sessions for participants around the globe. 3.3 elearning HPE elearning is interactive Web-based training that gets teams up to speed fast and is available ondemand 24x7. With hands-on exercises and easy-to-follow instructions, HPE elearning emphasizes key learning points and can support your team either as stand-alone learning or as a supplement to traditional training programs. HPE Software Education also offers a tailored elearning service to meet your business requirements. 3.4 Self-Study Our new self-study courses make learning easier and more enjoyable than ever. This offering allows participants to learn about a product by reading the course manual and then practice what they have learned by stepping through detailed hands-on exercises using a dedicated remote lab environment. This means participants do not need to lose valuable working hours traveling to a training location, and they have the flexibility to learn during business hours, or during evenings and weekends. 3.5 Customized Training From a detailed Training Needs Analysis through to building custom training courses, HPE Software Education can address your unique business needs. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 14 of 59

15 4. Our Instructors The Enterprise Security Products learning experience we deliver is the most important aspect of our service. For this reason HPE provides the highest quality of trainers in the industry. Our instructors are dedicated full-time professionals, highly trained as subject matter experts in their field. 4.1 Make It Interesting Our instructors deliver training with enthusiasm and are respectful of students and their needs at all times. It is through this process and our structured learning development philosophy that our classes are greatly valued and appreciated by participants. 4.2 Make It Relevant The key to effective and enjoyable training is to deliver material in a structured and well-organized manner, with clear learning objectives and multiple methods of assessment to measure and improve student progress. With many years of teaching experience, our instructors deliver engaging training courses, ensuring that all students enjoy achieving their set learning objectives. HPE Software Education courses are delivered through a holistic approach, combining theory and practical lessons to suit individual learning styles and provide engaging hands-on training. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 15 of 59

16 Training is an investment in your organization and in your people.

17 5. ESP Learning Solutions Hewlett Packard Enterprise Software Education offers a wide variety of ESP training courses, from basic to advanced, from business- and end-user to technical administrator and developer to enhance your knowledge of the various ESP platforms. 5.1 Hewlett Packard Enterprise ArcSight Hewlett Packard Enterprise ArcSight Introduction With ever-expanding network environments, business assets, commerce, processes, and communication are readily accessible from various locations. Critical data transactions cross multiple network boundaries, making business operations faster, cheaper, quicker, and more responsive. Though these interconnected network transactions make for good business it also puts a business environment at risk, due to security vulnerabilities. To manage these business risks you need to understand what is going on within your organization. To understand your business you must connect the dots and this means: Collecting information from across your enterprise The key to getting the big picture is to collect event data from all data sources, including firewalls, routers, servers, desktops, application servers, and so on. Analyzing information Analysis of information to obtain a clear view of your security standpoint Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 17 of 59

18 18 Chapter 5: ESP Learning Solutions Taking preventive action Proactive preventative action to secure sensitive data and avoid a potential problems in the future Hewlett Packard Enterprise ArcSight solutions help customers identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities Benefits The Hewlett Packard Enterprise ArcSight approach helps safeguard business data by giving users complete visibility into activity across the IT infrastructure through use of the following solutions: Hewlett Packard Enterprise ArcSight Logger Unify collection, storage, log analysis, and machine data from any device, vendor, and source. Builtin rules and reports enable monitoring, alerting, and forensic investigation of security events. Hewlett Packard Enterprise ArcSight Enterprise Security Management (ESM) Using enterprise security management software, combines event correlation and security analytics to identify and prioritize threats in real time and remediate incidents early. Hewlett Packard Enterprise ArcSight Application View Increase application visibility and security intelligence. Hewlett Packard Enterprise ArcSight Management Center (ArcMC) Centrally manage your Hewlett Packard Enterprise ArcSight deployments through a unified interface. 5.2 Hewlett Packard Enterprise ArcSight Learning Solutions Learn from a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 18 of 59

19 5.1 Hewlett Packard Enterprise ArcSight Hewlett Packard Enterprise ArcSight Learning Path HPE ArcSight learning solutions prepare you for fast implementation and efficient operation. Learn from a full assortment of role-based, product-oriented courses. HPE ArcSight ESM Courses Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 19 of 59

20 20 Chapter 5: ESP Learning Solutions HPE ArcSight Connectors and Connector Appliance Courses HPE ArcSight Logger Courses HPE ArcSight Express Courses Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 20 of 59

21 5.4 HPE ArcSight Certification Path HPE ArcSight Certification Path The recommended HPE ArcSight certification path is to begin with one of our HPE ArcSight ATP offerings. To move on to the ASE certification, you must pass the HPE ArcSight ESM Security Administrator and Analyst exam. To achieve HPE ArcSight ASE certification you must pass the the HP Logger Administration and Operations exam and either the HPE ArcSight ESM Advanced Administrator exam OR the HPE ArcSight ESM Advanced Analyst exam. Professionals who want to show mastery of all HPE ArcSight solutions can continue on with the Master ASE (MASE) certification. This is a three-day, handson exam. To successfully pass this exam, we recommend at least three years of experience with the solutions as well as a host of HPE ArcSight courses. NOTE: There is a 5-day course entitled HPE ArcSight MASE Preparation course, which prepares you for this exam. ATP ASE Master ASE HPE ArcSight Security Solutions HPE ArcSight Logger Admin & Operations HPE ArcSight ESM Advanced Analyst HPE ArcSight Master ASE HPE ArcSight ESM Admin & Analyst HPE ArcSight ESM Advanced Admin Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 21 of 59

22 22 Chapter 5: ESP Learning Solutions 5.5 Hewlett Packard Enterprise ArcSight ESM Courses HPE ArcSight Security Solutions ATP HPE ArcSight Security Solutions ATP provides an introduction to the common security problems addressed by Hewlett Packard Enterprise ArcSight s products. Each module provides a high-level overview of each Hewlett Packard Enterprise ArcSight product and describes how it solves the security risks experienced by digitally connected organizations. HPE ArcSight Security Solutions ATP provides an introduction to the common security problems addressed by Hewlett Packard Enterprise ArcSight s products. Each module provides a high-level overview of each Hewlett Packard Enterprise ArcSight product and describes how it solves the security risks experienced by digitally connected organizations. Operators, Analysts, Administrators Gathering business requirements for the Hewlett Packard Enterprise ArcSight solution; Designing a simple security solution using Hewlett Packard Enterprise ArcSight products ILT, VILT, Onsite None Two days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 22 of 59

23 5.5 Hewlett Packard Enterprise ArcSight ESM Courses HPE ArcSight ESM 6.5 Administrator and Analyst ATP HPE ArcSight ESM 6.5 Administrator and Analyst training details the Enterprise Security Manager (ESM) product facilities while performing related tasks on a live HPE ArcSight ESM. You use the Hewlett Packard Enterprise ArcSight Console, Hewlett Packard Enterprise ArcSight Command Center, and Hewlett Packard Enterprise ArcSight Web user interfaces to monitor security events, configure ESM, and manage users and ESM network intelligence resources. Using Hewlett Packard Enterprise ArcSight ESM workflow, you isolate, document, escalate, and resolve security incidents. This course enables tailoring standard Hewlett Packard Enterprise ArcSight ESM content to acquire, search, and correlate actionable event data, and perform remedial activities such as incident analysis, stakeholder notification, and reporting security conditions within your network environment. Managers, Sales, Executive users Install ESM; Create user accounts and implement built-in solutions content; Implement Network and Asset Modeling facilities; Investigate, identify, analyze, and remediate security issues; Use workflow management; Modify and run standard reports; Establish ESM peering ILT, VILT, Onsite, elearning None Four days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 23 of 59

24 24 Chapter 5: ESP Learning Solutions HPE ArcSight ESM 6.5 Advanced Analyst ASE HPE ArcSight ESM 6.5 Advanced Analyst provides you with the knowledge required to use advanced Hewlett Packard Enterprise ArcSight ESM content to find and correlate event information, perform actions such as notifying stakeholders, analyzing event data graphically, and reporting on security incidents within your security environment. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within Hewlett Packard Enterprise ArcSight ESM that provide a significant edge in detecting active attacks. This course covers the Hewlett Packard Enterprise ArcSight security problem solving methodology using advanced Hewlett Packard Enterprise ArcSight ESM content to find, track, and remediate security incidents. During the training, you learn to use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event. Analysts, Senior Analysts Correlate, investigate, analyze, and remediate both exposed and obscure threats; Construct HPE ArcSight variables to provide advanced analysis of the event stream; Develop Hewlett Packard Enterprise ArcSight lists and rules to allow advanced correlation activities; Optimize event-based data monitors to provide real-time viewing of event traffic and anomalies; Design new report templates and create functional reports, Find events through the search tools ILT, VILT, Onsite None required; Recommended: ESM 6.5 Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 24 of 59

25 5.5 Hewlett Packard Enterprise ArcSight ESM Courses HPE ArcSight ESM 6.5 Advanced Administrator ASE HPE ArcSight ESM 6.5 Advanced Administrator provides you with techniques to proactively analyze and troubleshoot the ESM CORR-Engine database and Hewlett Packard Enterprise ArcSight ESM Manager to provide efficient services to your organization. This course teaches you to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between Hewlett Packard Enterprise ArcSight ESM and other Hewlett Packard Enterprise ArcSight appliances such as Logger, Connector Appliance, and the Hewlett Packard Enterprise ArcSight Management Center products. Administrators Design, deploy, and configure an Hewlett Packard Enterprise ArcSight ESM multi-manager layout; Assess and implement integration strategies; Provide credentials for Hewlett Packard Enterprise ArcSight ESM, including RADIUS and LDAP/AD; Use available Hewlett Packard Enterprise ArcSight tools; Implement Hewlett Packard Enterprise ArcSight best practices for backup and recovery ILT, Onsite None required; Recommended: ESM 6.5 Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 25 of 59

26 26 Chapter 5: ESP Learning Solutions Building Security Use Cases with HPE ArcSight ESM Building Security Use Cases with HPE ArcSight ESM provides you with detailed knowledge of the Hewlett Packard Enterprise ArcSight security problem solving methodology within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios derived from the top business drivers in the market. Senior Analysts Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct Hewlett Packard Enterprise ArcSight Active Channels; Develop Hewlett Packard Enterprise ArcSight rules; Build event-based data monitors; Package formulated ESM content ILT, Onsite None Three days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 26 of 59

27 5.5 Hewlett Packard Enterprise ArcSight ESM Courses Creating Advanced ESM Content for Security Use Cases Creating Advanced ESM Content for Security Use Cases covers Hewlett Packard Enterprise ArcSight security problem solving methodology within the ESM context. In this course, you learn advanced techniques to use Hewlett Packard Enterprise ArcSight ESM content to find, track, and remediate security incidents specifically identified in the course use cases. This advanced course is intended for those whose primary responsibilities include defining the organization s security objectives and building Hewlett Packard Enterprise ArcSight ESM content to adhere to those objectives. Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct Hewlett Packard Enterprise ArcSight active channels; Develop Hewlett Packard Enterprise ArcSight rules; Provide real time viewing of event traffic and anomalies; Implement custom velocity macros for notification; Package formulated ESM contents for the use case into an Hewlett Packard Enterprise ArcSight resource bundle ILT, VILT, Onsite None Five days HPE ArcSight ESM Operations HPE ArcSight ESM Operations provides you with comprehensive training on ESM operations. This course offers exercises for common functionality and procedures needed to quickly retrain or cross train a broader group of ESM operators. The modular format of this course enables you to select the topics and lessons applicable to your job tasks and allows you to return to lessons to refresh what you have previously learned. Operators Computer desktop, browser, and file system navigation skills; Basic understanding of TCP/IP networking and database concepts; Enterprise security experience elearning None Estimated ten hours Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 27 of 59

28 28 Chapter 5: ESP Learning Solutions Introduction to HPE ArcSight Event Management Introduction to HPE ArcSight Event Management provides you with the fundamental concepts of an Hewlett Packard Enterprise ArcSight ESM implementation. Understanding these basic concepts is critical for anyone who wants to administer an Hewlett Packard Enterprise ArcSight ESM implementation or perform analysis on security data within Hewlett Packard Enterprise ArcSight ESM. This course is also a prerequisite for additional Hewlett Packard Enterprise ArcSight ESM training. Operators Computer desktop, browser, and file system navigation skills; Basic understanding of TCP/IP networking and database concepts; Enterprise security experience elearning None Estimated three hours 5.6 HPE ArcSight Logger Courses HPE ArcSight Logger+ 6.0 Administration and Operations ASE HPE ArcSight Logger+ 6.0 Administration and Operations provides you the essentials of the Hewlett Packard Enterprise ArcSight Logger solution, both hardware and software, as well as giving you information about how to architect a complete solution. This five-day ILT course covers the core features of the Hewlett Packard Enterprise ArcSight Logger solution as well as more advanced features. Business users, Administrators Common network device functions, such as routers, switches, and hubs; TCP/IP functions, such as CIDR blocks, subnets, addressing, communications; Windows operating system tasks, such as installations, services, sharing, and navigation ILT, VILT None ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 28 of 59

29 5.6 HPE ArcSight Logger Courses HPE ArcSight Logger Administration and Operations HPE ArcSight Logger Administration and Operations provides you with comprehensive training to quickly configure your Logger Appliance or downloadable Software Logger and bring it into an operational state. Learning content is specifically intended for team members of security operations, network operations, auditing, and compliance. Business users, Administrators Computer desktop, browser, and file system navigation skills; Enterprise security experience elearning None Three hours, online, self-paced elearning HPE ArcSight Logger Search and Reporting HPE ArcSight Logger Search and Reporting elearning provides you with task-focused training to quickly configure and use your Logger s event search and reporting capabilities. Learning content is specifically intended for team members of security operations, network operations, auditing, and compliance. Note: This course is a subset of the HPE ArcSight Logger Administration and Operations elearning course. If you have purchased or plan to purchase the HPE ArcSight Logger Administration and Operations elearning course, do not purchase this course. This is a base-level course that provides you with specific end-user event search and reporting topics intended for team members of security operations, network operations, as well as personnel responsible for auditing and compliance. Computer desktop, browser, and file system navigation skills; Basic understanding of TCP/IP networking and database concepts; Enterprise security experience elearning None Seven hours, online, self-paced elearning Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 29 of 59

30 30 Chapter 5: ESP Learning Solutions 5.7 HPE ArcSight Connectors and Connector Appliance Courses HPE ArcSight SmartConnector Foundations and Tool Kits HPE ArcSight SmartConnector Foundations provides you with detailed knowledge to install and configure Hewlett Packard Enterprise ArcSight SmartConnectors. Included in the course are detailed walk-throughs for 11 of our most popular Smart and Flex connectors. Administrators Install and configure SmartConnector software; Configure, enable, disable, alter, and remove SmartConnector settings elearning None Estimated eight hours, online, self-paced elearning HPE ArcSight FlexConnector Configuration HPE ArcSight FlexConnector Configuration training provides you with an overview of the Hewlett Packard Enterprise ArcSight SmartConnectors framework and explains the Hewlett Packard Enterprise ArcSight ESM Schema. It teaches you how to construct and manipulate FlexConnector configuration and property files and use various parsing methods including fixed delimited, regular expressions, and database query. Examples from standard connectors are used to illustrate devicespecific methodologies. Advanced configuration options such as multi-line Regex, parser linking, and conditional mapping are also covered. Administrators Install Hewlett Packard Enterprise ArcSight Connector software; Configure a functional FlexConnector and test with an ESM Active Channel; Create fixed delimited configuration files; Create common and sub-message parsing and token-to-event mapping; Create a tailored categorization file; Navigate the connector configuration file hierarchy VILT None Three days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 30 of 59

31 5.8 HPE ArcSight Express Courses HPE ArcSight Connector Appliance Administration and Operations HPE ArcSight Connector Appliance Administration and Operations provides you with the knowledge to administer, configure, and effectively manage an Hewlett Packard Enterprise ArcSight Connector Appliance. Administrators Install and configure the Connector Appliance; List the components that make up a Connector Appliance and describe how they interoperate; Mount remote file systems with a Connector Appliance; Configure a SmartConnector on the Connecter Appliance; Upgrade, back up, and restore SmartConnectors and the Connector Appliance ILT and VILT, None Two days 5.8 HPE ArcSight Express Courses HPE ArcSight Express 4.0, CORR-Engine Administration and Operations HPE ArcSight Express Administration and Operations provides you with comprehensive training for Hewlett Packard Enterprise ArcSight Express. This course includes hands-on training exercises on packaged content and functionality for you to bring the Hewlett Packard Enterprise ArcSight Express appliance into production environments. Note: This course is intended for users of Hewlett Packard Enterprise ArcSight Express 4.0. CORR-Engine. This is not for use with Hewlett Packard Enterprise ArcSight Express 4.5 or 5.0. Administrators, Analysts, Operators Use Hewlett Packard Enterprise ArcSight Express built-in content; Isolate, investigate, analyze, and remediate exposed security issues; Configure Hewlett Packard Enterprise ArcSight settings, system settings, and user resources appropriately; Configure Network and Asset Modeling ILT None Five days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 31 of 59

32 32 Chapter 5: ESP Learning Solutions 5.9 HPE ArcSight Management Center Course HPE ArcSight Management Center Administration and Operations ArcSight Management Center (ArcMC) simplifies policy configuration, deployment maintenance and monitoring tasks. This course covers techniques needed to centralize device management, user management, and configuration management with ArcMC. Learn integration strategies to reduce daily management of ArcMC, Logger, Connector Appliance and Connectors products. System Administrators Administer, configure, maintain, and troubleshoot HPE ArcSight ArcMCs, Loggers, Connector Appliances, and Connectors, Manage users roles and entitlements for ArcSight ArcMCs, Loggers, Connector Appliances, and Connectors ILT None Three days 5.10 HPE ArcSight Courses - Complete HPE ArcSight Solution HPE ArcSight MASE Preparation Course The HPE ArcSight Master ASE Preparation Course covers design and implementation considerations of a complete enterprise SIEM deployment. This course provides participants with hands-on activities through a practical solutions-based approach to address common business requirements. Methodologies, terms, and concepts are explored in progressive examples using built-in product configuration and management facilities. Product architectures are coupled with deployment best practices within the context of the HPE ArcSight product line as a complete log management and event correlation platform. Experienced HPE ArcSight IT Security experts Identify business requirements; Develop an implementation and installation plan using HPE ArcSight solutions; Design and implement HPE ArcSight resources to analyze network level events and provide enterprise-wide visibility and correlation; Develop custom solutions using HPE ArcSight technologies ILT None required three years experience; ESM Admin & Analyst; Adv Admin; Adv Analyst; Logger Admin & Operations; SmartConnector Foundations; FlexConnector Configuration; Connector Appliance Administration; Five days + three-day exam Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 32 of 59

33 5.11 HPE Fortify HPE Fortify HPE Fortify Introduction When it comes to network and data security, it is essential that web applications are defended against threats and attacks. A common misperception is that firewalls protect an application from all attacks. While a firewall is necessary and an effective solution to control access and protect an organization, it often proves to be ineffective in preventing an application exploit. A firewall cannot protect every parameter of every application that resides behind it. Nor can it completely protect access to the applications. It is for this reason that an effective suite of tools specifically designed to protect web applications is essential. HPE Fortify web application security solutions, available on-premise or on-demand, help you secure your software applications including legacy, mobile, third-party, and open source HP Forify Benefits HPE Fortify combines comprehensive static and dynamic testing technologies across 21 languages, with timely security intelligence from the HP Security Research team. HPE Fortify can be deployed in-house, as a managed service or in a hybrid model taking advantage of the best of both worlds. This flexible delivery model allows security groups to get started quickly and scale in response to business changes while protecting their assets and investments in application security. These technologies, include: HPE Fortify on Demand HPE Fortify on Demand is a managed application security testing service that enables organizations to quickly test the application security of a few applications or launch a comprehensive security program without additional investment in software and personnel. HP WebInspect HP WeInspect is an automated, dynamic testing tool that mimics real-world hacking techniques and attacks, and provides comprehensive dynamic analysis of complex web applications and services. HP Application Defender HP s application self-protection can help you stop security threats that no one else can even see by protecting production applications from the inside. It s application security simplified. HPE Fortify Static Code Analyzer (SCA) HPE Fortify Static Code Analyzer provides automated static code analysis to help developers eliminate vulnerabilities and build secure software. Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 33 of 59

34 34 Chapter 5: ESP Learning Solutions HPE Fortify Learning Solutions HPE Fortify Learning Solutions provide a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. HPE Fortify Learning Path Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 34 of 59

35 5.11 HPE Fortify 35 Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 35 of 59

36 36 Chapter 5: ESP Learning Solutions 5.12 HPE Fortify Certification Path HPE Fortify Certification offerings include both ATP- and ASE-level certifications for the HPE Fortify products and solutions. To obtain the HP ATP Fortify Security v1 certification, you must successfully pass the Fortify Security Solutions ATP exam. To obtain the HP ASE Fortify Security v1 certification, you must successfully pass the Dynamic Application Testing with HP WebInspect OR the HPE Fortify SCA/SSC exam HPE Fortify Security Solutions ATP HPE Fortify Security Solutions ATP training consists of two days of intensive training in application security and developing and testing software solutions using HPE Fortify products. You will learn about the threats to applications and the architecture and operation of the HPE Fortify solution. Through lectures and hand-on activities, you learn to implement HPE Fortify Static Code Analyzer (SCA), HPE Fortify Software Security Center, HP WebInspect, and HPE Fortify Runtime. Software Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts Knowledge of software development methodologies; Implementation of HPE Fortify products; Knowledge of HPE Fortify Solutions Architecture ILT and VILT None Two days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 36 of 59

37 5.12 HPE Fortify Certification Path Dynamic Application Testing with HPE WebInspect This HPE WebInspect course outlines HPE s comprehensive, automated web application and Web services vulnerability scanning solution. In this training, security professionals and compliance auditors learn how to quickly and easily analyze the numerous web applications and web services in their environment. This course includes extensive hands-on exercises. Application Developers, Application Testers HPE WebInspect licensing installation; Use of HPE WebInspect as a dynamic analysis security testing (DAST) tool; Manual, mobile, and work-flow driven scan creation; Web macros and report creation ILT None Three days Using and Administering HPE WebInspect Enterprise The goal of this course is to introduce you to WebInspect Enterprise which manages dynamic and static scanning focuses to ensure effective and efficient application security during your SDLC. This course will demonstrate how to create and manage your automated web application vulnerability scans and provide security risk solutions. Also, this course provides participants with hands-on activities using a practical, solutions-based approach to identify and mitigate today s biggest application security risks. Students learn to create, scan, and manage projects using both HPE Fortify SSC (Software Security Center) and WebInspect Enterprise. This course is intended for application security analysts already using HPE WebInspect to perform DAST on their applications, as well as static analysis through SSC. It is also useful for development managers, security-focused QA testers, security leads, and auditors. Basic programming skills (able to read Java, C/C++, or.net.), basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar), familiarity with some of the most common Web application vulnerabilities (i.e. OWASP Top 10), familiarity with application security, experience working with Fortify WebInspect ILT None Two days Hewlett Packard Enterprise Software Education ESP Training Plan Guide Page 37 of 59