SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Incident handlers are expected to provide timely and efficient detection, analysis and response to incidents. They have at their disposal a seemingly endless supply of events, typically in the form of log data from a variety of systems. Unfortunately, the volume of this data can be difficult to capture and analyze, hindering the incident handling process. Specialized software can automate the collection and processing of log data, helping separate the 'noise' of events from the 'signal' of incidents. This paper details a framework and procedures for establishing a security operations program that leverages log analysis tools.