Advanced Analytics Course Overview:

In this multi-tenant-focused course, you will gain comprehensive knowledge of FortiSIEM, delving into its rules architecture, incident generation, baseline calculations, remediation techniques, and advanced analytics utilizing nested queries and lookup tables. Additionally, you will learn to seamlessly integrate FortiSOAR with FortiSIEM, equipping you with the skills to effectively manage and optimize security operations in complex, multi-tenant environments.

Intended Audience:

• Security professionals involved in the management, configuration, administration, and monitoring of FortiSIEM and FortiSOAR devices—in an enterprise or service provider deployment—that are used to monitor and secure the networks of customer organizations should attend this course.

Learning Objectives of Advanced Analytics:

Upon successful completion of this course, you will possess the following capabilities:

• Recognition of various prerequisites and implementation necessities for a multi-tenant FortiSIEM deployment.
• Proficiency in deploying FortiSIEM in a hybrid environment, both with and without collectors.
• Ability to design multi-tenant solutions using FortiSIEM.
• Skill in deploying collectors within a multi-tenant environment.
• Competence in managing Event Per Second (EPS) assignments and restrictions on FortiSIEM.
• Knowledge of effectively managing resource utilization within a multi-tenant FortiSIEM cluster.
• Proficiency in maintenance and troubleshooting of collector installations.
• Expertise in deploying and managing Windows and Linux agents.
• Capability to create rules by assessing security events.
• Skill in defining actions for single-pattern security rules.
• Understanding of multiple-pattern security rules and the ability to define their conditions and actions.
• Differentiation between standard and baseline reports, along with the skill to create customized baseline profiles.
• Proficiency in deploying FortiSIEM User and Entity Behavior Analytics (UEBA) agents.
• Competence in examining log-based UEBA rules for advanced analytics.
• Proficiency in working with nested queries and configuring lookup tables for advanced analytics.
• Configuration of clear conditions within FortiSIEM for effective event management and analysis.