About the training
Log files contain valuable information for infrastructure management, as most malicious exploits and intrusions leave their fingerprints all over log files, and system performance issues can be identified by analysing specific log data. In this module, the learner will evaluate log files and learn tools to extract associated valuable data for detecting cyber threats and system performance issues. In particular, the module will provide the learner with skills to apply and use log file management tools, access log files, and efficiently search log data using best practices. The learner will apply this knowledge to evaluate and implement YARA and Sigma rules for Indicators of Compromise (IoCs) and system information and event management tools. At the end of the module, the learner should have developed a mindset for using log files for cyber security and incident investigation, including system performance issues. This module was developed under the Cyber Skills HCI Pillar 3 Project.
What you will learn
LO1 Evaluate log files, the associated data, and access and search mechanisms.
LO2 Interpret valuable data from log files for cybersecurity and system performance purposes by applying best practices and tools.
LO3 Implement a log management system using security information and event management (SIEM) tools for use in infrastructure management.
LO4 Analyse log files from multiple devices and applications utilising log aggregation techniques and SIEM tools to identify indicators of compromise in ill-defined contexts.
LO5 Apply a log file analysis mindset for cyber security and system performance to the effective communication of incident reports.
Training information
Requirements: This course is ideal for ICT professionals or graduates with an honours degree in computing or in a cognate area (STEM) who wish to develop a career as a cybersecurity professional in a technical role. This is a highly technical course requiring basic networking knowledge to ensure success. Candidates who do not hold a computing degree and are currently working in the IT sector may be considered based on relevant academic qualifications or extensive work experience.
Course Contact: Dr George O’Mahony: GeorgeD.OMahony@mtu.ie