Cisco Stealthwatch Use Case Workshop:

SIEM Integration With Cisco Stealthwatch (UCWSIEM)

Improve your security defenses, add actionable security intelligence, and increase your network visibility with Cisco Stealthwatch workshops.

Use Case Workshops are hands-on, instructor-led courses focused on specific use case outcomes in Cisco Stealthwatch Enterprise. The workshops are designed to help you quickly identify and investigate common threats and to provide effective workflows so that you can fully understand Stealthwatch capabilities.

This workshop is intended to be interactive and engaging. You are encouraged to ask questions, respond to questions, and share best practices and ideas.

Duration: 3 Hours
Price: $500



Objectives:
After taking this course you should be able to:

  • Describe the advantages of integrating Stealthwatch with a SIEM.
  • View SIEM data in Stealthwatch by creating a SIEM external lookup option.
  • Configure the Splunk SIEM to accept Stealthwatch syslog entries through the Response Management feature.
  • Explore a Stealthwatch API integration with Splunk.
  • And much more


Prerequisites:
To complete this workshop, the following components must be installed and configured on your network:

  • Stealthwatch Release 7.0 or later
  • Stealthwatch Flow Collector
  • Integration with Firewall
  • Integration with Proxy/NAT Device


Who Should Attend:
This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations.


Outline:
In this workshop, you’ll work through a series of activities that focus on the use of SIEMs and Stealthwatch to provide insights into your network.

In a lab environment, you will learn how to leverage the insights gained by combining the network behavioral context provided by Stealthwatch with the Splunk SIEM.