Udemy

OT-ICS Cybersecurity SOC/SIEM Implementation with WSUS & AD

  • 610 Students
  • Updated 4/2023
4.3
(56 Ratings)

Course Information

Registration period: Year-round Recruitment
Course Level:
Study Mode:
Duration: 4 Hour(s) 46 Minute(s)
Language: English
Taught by: Sourabh Suman
Rating: 4.3 (56 Ratings)

Course Overview

OT-ICS Cybersecurity SOC/SIEM Implementation with WSUS & AD

Create a fully functional SIEM and SOC dashboard on the Security Onion solution with SOC/NOC visualizations.

*MAKE YOUR OWN ICS SIEM/SOC LAB SETUP WITHOUT HARDWARE*

Welcome to our comprehensive course on ICS cybersecurity, covering end-to-end deployment. This course covers the key concepts essential to safeguarding Industrial Automation and Control Systems.

We will delve into critical cybersecurity components such as Security Information and Event Management (SIEM), with a focus on Elasticsearch-Logstash-Kibana (ELK Stack), SIEM dashboarding and querying with Kibana, and NOC network monitoring and operations dashboarding with Grafana.

You will also learn about EDR/HIDS (Endpoint Detection and Response / Host Intrusion Detection) with Wazuh, log management with Beats and Sysmon (log collectors for Windows Event logs and more), asset management with OSQuery and FleetDM, endpoint visibility with Sysmon, malware detection with Strelka, the pfSense firewall, and a Snort-based IPS (Intrusion Prevention System).

We will also explore Nmap for network-based queries, vulnerability management using Nessus, Active Directory on Windows Server, WSUS (Windows Server Update Services), Modbus communication, DNP3 communication, and OPC server-client communication.

By the end of this course, you will have a comprehensive understanding of ICS Cybersecurity from end-to-end deployment, including key concepts and tools essential to safeguarding your systems. Enroll now to gain valuable knowledge and expertise in this critical field.

This course is totally practical: in every chapter we are installing, configuring, or deploying something on machines located in Azure infrastructure, and it is simple, I promise.

We will cover some key concepts of ICS Cybersecurity from end-to-end deployment which are as follows:


  1. Security information and event management (SIEM): Elasticsearch-Logstash-Kibana (ELK Stack)

  2. SIEM Dashboarding/ Query: Kibana

  3. NOC- Network Monitoring/ Operations Dashboarding: Grafana

  4. EDR/HIDS - Endpoint Detection and Response/ Host Intrusion Detection: Wazuh

  5. Log Management: Beats/Sysmon (Log collector for Windows Event logs and more)

  6. Asset Management: OSQuery - FleetDM

  7. Endpoint Visibility: Sysmon

  8. Malware Detection: Strelka

  9. Firewall: pfSense

  10. IPS - Intrusion Prevention System: Snort-based

  11. Nmap for network-based queries

  12. Vulnerability Management: Using Nessus

  13. Active Directory- Windows Server

  14. WSUS-Windows Server Update Services

  15. Modbus Communication

  16. DNP3 communication

  17. OPC Server-Client Communication

This is a dynamic list that is updated over time to increase coverage.

*Connect with me on LinkedIn or visit the cyberotsecure{dot}com website to get discounts.*

The environment is deployed on Azure in the cheapest region and with minimum resource requirements. All the steps are guided and well explained so that you can follow along and create your own ICS SOC easily. After completing this course you will have a good understanding of the cybersecurity technologies in use in the ICS landscape as well as in the overall industrial control system environment. You can run all types of tests and simulations in this environment, and you can also install applications from your organization to test them in a similar setup.


Course Content

  • 8 section(s)
  • 41 lecture(s)
  • Section 1 Introduction and Setup Scenario
  • Section 2 Configuration and Setup-Azure and Engineering Workstation
  • Section 3 Installation and Configuration of Security Onion Machine
  • Section 4 Integration of Systems to Security Onion to Agents
  • Section 5 Installation of Firewall as a Log source
  • Section 6 Installation of Windows 2019 Server
  • Section 7 Adding ICS Protocols in network
  • Section 8 Use cases for SOC

What You’ll Learn

  • Design your own SIEM/SOC lab for an ICS environment
  • Work on Azure to deploy ICS machines and the SOC lab
  • Complete end-to-end log integration and visualization
  • IDS/IPS solution deployment and visualization
  • Hands-on experience of cybersecurity control deployment
  • Log forwarding from firewalls, endpoints and applications
  • Lifetime creation of labs for multiple use cases with pay-as-you-go pricing from Azure
  • Create and destroy as many workstations, HMIs and servers as you want


Reviews

  • Wasim Baig (5.0)

    In each course we learned lots of new things. Thanks for these wonderful courses.

  • CHINMAY SARAF (4.5)

    Good learning!

  • Candice Marie Katapang (1.5)

    The course is not detailed enough. The reading of the Dashboards is poor, and the instructor is also unsure. If you are looking to learn about SOC and SIEM implementation, this is NOT the course for you.

  • Luigi Destefanis Gallo (5.0)

    Excellent course with practical examples and step-by-step guides.
