Security Products Training Plan Guide

Transcription

1 Mi cr ofocuseducat i on Security Products Training Plan Guide

2 Copyright 2017 Micro Focus. All rights reserved. Published by Micro Focus Micro Focus. The information contained herein is subject to change without notice. The only warranties for Micro Focus products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. Trademark acknowledgments if needed. This material ( Material ) may contain branding from Hewlett-Packard Company (now HP Inc.) and Micro Focus Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Micro Focus/HPE marks is historical in nature, and the HP and Micro Focus/HPE marks are the property of their respective owners. First printing, January 2015 Last Updated: September 16, 2017

3 Contents 1 Security Products A Proactive Approach to Information Security The Enterprise Security Landscape The Best Defense Is a Good Offense Security Products Security Services Security Research Micro Focus Certification and Accreditation Micro Focus Education Control Protecting your Investment Time to Market Return on Investment Getting Ahead of the Game Training Delivery Options Instructor Led Training (ILT) Virtual Instructor Led Training (VILT) elearning Self-Study

4 3.5 Customized Training Our Instructors Make It Interesting Make It Relevant Security Learning Solutions Security Introduction ArcSight Benefits ArcSight Learning Solutions ArcSight Learning Path ArcSight Certification Path ArcSight ESM Courses ArcSight Security Solutions ASP ArcSight ESM Administrator and Analyst ASP ArcSight ESM Advanced Analyst CSE ArcSight ESM Advanced Administrator ASE Building Security Use Cases with ArcSight ESM Creating Advanced ESM Content for Security Use Cases ArcSight Logger Courses ArcSight Logger Administration and Operations CSE ArcSight Logger Search and Reporting ArcSight Connectors and Connector Appliance Courses ArcSight SmartConnector Foundations and Tool Kits ArcSight FlexConnector Configuration ArcSight Management Center Course ArcSight Management Center Administration and Operations ArcSight User Behavior Analytics ArcSight User Behavior Analytics Fortify Fortify Introduction HP Fortify Benefits Fortify Learning Solutions Fortify Certification Path Fortify Security Solutions ASP Dynamic Application Testing with WebInspect WebInspect Enterprise: Using and Administering Developing with Fortify Application Security Fortify Software Security Center/Static Code Analyzer

5 Working with Fortify SCA, Audit Work Bench, and SSC Fortify for Developers Using Plugins Atalla Atalla Introduction Atalla Benefits Atalla Learning Solutions Enterprise Secure Key Manager (ESKM) Training Atalla Network Security Processor (NSP) Training SecureData (Voltage) SecureData (Voltage) Introduction SecureData Voltage Benefits SecureData Voltage Learning Solutions Introduction to SecureData Voltage SecureData Solutions Training Contact Us The Other Training Plan Guides Index

6 This page intentionally left blank.

7 Trained users require 6x less support than untrained users.

8 This page intentionally left blank.

9 1. Security Products From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. Micro Focus Security Products is our answer to these threats and attacks. 1.1 A Proactive Approach to Information Security Micro Focus Security products and services help organizations meet the security demands of a rapidly changing and more dangerous world. Security enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis, and network-level defense mechanisms unifying the components of a complete security program and reducing risk across your enterprise. 1.2 The Enterprise Security Landscape Micro Focus is changing the enterprise security landscape with advanced security solutions that uniquely leverage leading threat research and powerful correlation of security events and vulnerabilities to deliver security intelligence spanning IT operations, applications, and infrastructure. Micro Focus Education Security Training Plan Guide Page 9 of 58

10 10 Chapter 1: Security Products Micro Focus comprehensive approach has you covered: we disrupt your adversaries, manage your risk, and extend your capabilities. This strengthens your security posture to minimize incidence impact and control costs while expanding insight for better decisions. 1.3 The Best Defense Is a Good Offense When today s IT is faced with sophisticated threats, it s essential to have the right security solutions to protect your business. With an army of experts and arsenal of products, we work proactively across technologies to keep your data safe. Micro Focus draws on decades of security experience to take the fight to adversaries before they attack. We can help you predict and disrupt threats, manage risk and compliance, and extend your own security team. 1.4 Security Products Take a proactive approach to security that integrates security information and event management (SIEM), application analysis, and network-level defense. 1.5 Security Services Implement a strategy to mitigate risk and avoid costly penalties for non-compliance. Micro Focus can detect intrusions within 12 minutes of arrival and resolve 92% of major incidents within 2 hours of identification. And we provide tools, teams, and processes to comply with PCI, SOX, HIPAA, and EU Data. 1.6 Security Research Micro Focus conducts innovative research and provides industry-leading protection against the latest threats. Security research publications and regular threat briefings include regular updates on the latest threats, Zero-Day initiatives, and application vulnerabilities. Micro Focus Education Security Training Plan Guide Page 10 of 58

11 1.7 Micro Focus Certification and Accreditation Micro Focus Certification and Accreditation Technology professionals today need to be effective in this New Style of Business. Micro Focus provides a flexible approach to performance improvement for the technical software professional motivated by continuous learning and achievement. Accreditation and certifications help you demonstrate your commitment, improve your skills, and build confidence in your knowledge of the product or solution. ACCREDITATION WHAT IT MEANS EXAM Accredited Software Professional (ASP) Accredited Solutions Expert (ASE) Introductory level certification. The individual understands the fundamental concepts, terms, technologies, and processes needed to implement and design Micro Focus solutions, install and configure equipment and software, and administer and support the solutions. Indicates advanced technical skills for enterprise technologies. This person can design, implement, administer, or deploy and support IT solutions aligned to a specific job role. Online exam to be taken at will after class attendance. Online exam to be taken at will after class attendance. CERTIFICATION WHAT IT MEANS EXAM Certified Software Professional (CSP) Certified Solutions Expert (CSE) Introductory level certification. The individual understands the fundamental concepts, terms, technologies, and processes needed to implement and design Micro Focus solutions, install and configure equipment and software, and administer and support the solutions. Indicates Advanced technical certification for enterprise technologies. This person can design, implement, administer, or deploy and support IT solutions aligned to a specific job role. This online exam is proctored by the instructor on the final day of class. This advanced technical exam models a practicum hands-on scenario and is proctored by the instructor on the final day of class. Prerequisite is class completion prior to enrollment in exam. Micro Focus Education Security Training Plan Guide Page 11 of 58

12 This page intentionally left blank.

13 2. Micro Focus Education The mission of the Education organization is to deliver the best possible Security Products learning experience. With a global team of experienced trainers, and subject matter experts, our business offers you well-designed training courses across the entire range of Information Management solutions. We educate you, support you, and put you in control of your investment to ensure real-world success. 2.1 Control Enterprise Software drives your business forward by automating processes and increasing efficiencies. Your cutting-edge investment requires end users who know how to get the most out of the technology. Meanwhile, your technical staff must learn how to configure, optimize, maintain, and administer the technology. Training addresses the needs of both of these users, giving them the knowledge to take control. Micro Focus Education Security Training Plan Guide Page 13 of 58

14 14 Chapter 2: Micro Focus Education 2.2 Protecting your Investment It s one thing to buy a plane, but quite another to fly it! You ve made the right decision to invest in Micro Focus Software technologies. Now is the time to invest in your team, to train them on the solution and equip them with the knowledge to get the best out of the technology. Learning from the professionals ensures that you are protecting that investment. As a result, your team will navigate and fly in the right direction. 2.3 Time to Market Enabling your team means your project will run more smoothly and efficiently and reach completion in shorter time frames. Our education services reinforce formal classroom instruction with extensive hands-on practical experience. The majority of the classes are in a workshop environment that challenges the trainee, aids them during the learning process, and accelerates the knowledge transfer. The earlier your team gains expertise, the more successful your project will be. Analyst reports suggest that 75% of managers believe effective training will increases the chances of a project meeting its deadlines. Furthermore, 80% of IT managers believe effective training is critical to the success of a project. 2.4 Return on Investment Cost is always a key consideration; education offers a way to lower the total cost of ownership. Our education courses present your team members with best practices in design, deployment, and administration of your Micro Focus Software solutions. This translates into decreased technical support costs, lower ongoing administrative overhead, and the ability to work more effectively with our Consulting Services. Effective learning also leads to lower hardware costs with better-configured systems, decreased network load, and increased return on investment for integrated third-party applications. Thus, our training results in a return on multiple levels. 2.5 Getting Ahead of the Game The learning curve never stops, so if you want to lead the market with cutting-edge, worldclass solutions you need to give your team the training they need to keep you competitive. Micro Focus Education Security Training Plan Guide Page 14 of 58

15 3. Training Delivery Options Micro Focus Education wants your Security Products training delivered in the environment best suited to your needs. 3.1 Instructor Led Training (ILT) Micro Focus Education operates instructor-led training sessions in facilities around the globe. Each course is designed to provide students with hands-on experience and is labbased to keep learning practical. The class experience offers students the opportunity to personally interact with one of our certified instructors who has extensive experience and industry knowledge. We have a range of courses designed to accommodate both beginner and advanced students. To ensure that adequate attention is provided to each student attending an instructor-led class, Education maintains class sizes between six to twelve participants. Education also provides Instructor-Led on-site training and this is most convenient when your team members are located in the same region. As long as the host provides adequate on-site training facilities, Education will send one of our instructors to your chosen site to conduct the training. We then deliver standard or customized training that addresses your unique business needs. Please note that the maximum class size for on-site training is limited to 12 students to ensure that adequate individual attention is provided. The benefits of on-site training are identical to VILT training with the added benefit of receiving face-to-face training in your domain. Micro Focus Education Security Training Plan Guide Page 15 of 58

16 16 Chapter 3: Training Delivery Options 3.2 Virtual Instructor Led Training (VILT) Virtual Instructor Led Training (VILT) classes are a good alternative to sending your staff to a public training course. This option reduces travel and expense costs in the event your staff are geographically dispersed. Furthermore, VILT saves valuable time by permitting the student to stay in the office during the training sessions. VILT are live, instructor-led sessions. Students connect to the virtual classroom using their own computer, telephone, or Internet connection. VILT instructors facilitate live sessions for participants around the globe. 3.3 elearning Micro Focus elearning is interactive Web-based training that gets teams up to speed fast and is available on-demand 24x7. With hands-on exercises and easy-to-follow instructions, Micro Focus elearning emphasizes key learning points and can support your team either as stand-alone learning or as a supplement to traditional training programs. Micro Focus Education also offers a tailored elearning service to meet your business requirements. 3.4 Self-Study Our new self-study courses make learning easier and more enjoyable than ever. This offering allows participants to learn about a product by reading the course manual and then practice what they have learned by stepping through detailed hands-on exercises using a dedicated remote lab environment. This means participants do not need to lose valuable working hours traveling to a training location, and they have the flexibility to learn during business hours, or during evenings and weekends. 3.5 Customized Training From a detailed Training Needs Analysis through to building custom training courses, Micro Focus Education can address your unique business needs. Micro Focus Education Security Training Plan Guide Page 16 of 58

17 4. Our Instructors The Security Products learning experience we deliver is the most important aspect of our service. For this reason Micro Focus provides the highest quality of trainers in the industry. Our instructors are dedicated full-time professionals, highly trained as subject matter experts in their field. 4.1 Make It Interesting Our instructors deliver training with enthusiasm and are respectful of students and their needs at all times. It is through this process and our structured learning development philosophy that our classes are greatly valued and appreciated by participants. 4.2 Make It Relevant The key to effective and enjoyable training is to deliver material in a structured and wellorganized manner, with clear learning objectives and multiple methods of assessment to measure and improve student progress. With many years of teaching experience, our instructors deliver engaging training courses, ensuring that all students enjoy achieving their set learning objectives. Micro Focus Education Security Training Plan Guide Page 17 of 58

18 Training is an investment in your organization and in your people.

19 5. Security Learning Solutions Micro Focus Education offers a wide variety of Security training courses, from basic to advanced, from business and end-user to technical administrator and developer to enhance your knowledge of the various Security platforms. 5.1 Security Introduction Security enables organizations to build security and resiliency into the fabric of their enterprises to proactively detect and respond to cyber threats. Delivering an integrated suite of market-leading products, services, threat intelligence and security research, Micro Focus Security helps organizations strengthen their security posture, while safeguarding continuity and compliance to effectively mitigate risk and incident impact. With a global network of security operations centers and more than 5,000 IT security experts, Micro Focus Security empowers customers and partners to safely operate and innovate while keeping pace with the speed of today s idea economy. Micro Focus Education Security Training Plan Guide Page 19 of 58

20 20 Chapter 5: Security Learning Solutions ArcSight Benefits The ArcSight approach helps safeguard business data by giving users complete visibility into activity across the IT infrastructure through use of the following solutions: ArcSight Data Platform (ADP) ArcSight Data Platform offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Its open architecture message bus allows you to connect your existing data lakes, analytics tools, and other security technologies directly into the SOC, thus enabling you to send data from anywhere to anywhere. ADP includes Logger, ArcMC, Event Broker and Connectors. ArcSight Investigate ArcSight Investigate is an intuitive hunt and investigation solution built for Security Analysts to proactively hunt and defeat unknown threats and decrease the impact of security incidents Enterprise Security Management (ESM) Timely, accurate security intelligence that helps you improve response time and productivity. ArcSight Express The all-in-one SIEM appliance collects log activity from any data source, consolidates the information for maximum storage efficiency and correlates the events in multiple dimensions-by identity, vulnerability, asset, time, statistical calculations, patterns, and other events-so customers can detect advanced threats and respond before they cause damage. ArcSight Management Center (ArcMC) Centrally manage your ArcSight deployments through a unified interface. User Behavior Analytics (UBA) ArcSight UBA enables detection of advanced user and entity-based threats, and when used in conjunction with an installation of Security ArcSight SIEM, can leverage the same operational teams, data feeds, and incident response processes already in place. This, in turn, drives investigation efficiency and operational savings. 5.2 ArcSight Learning Solutions Learn from a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. 5.3 ArcSight Learning Path ArcSight learning solutions prepare you for fast implementation and efficient operation. Learn from a full assortment of role-based, product-oriented courses. Micro Focus Education Security Training Plan Guide Page 20 of 58

21 5.4 ArcSight Certification Path 21 Executive User SOC Operator Administrator Analyst Senior Analyst ArcSight Security Solutions ArcSight Administrator & Analyst ArcSight Administrator ArcSight Advanced Analyst Use Case Foundations Creating Advanced Content for Use Case Recommended ESM Courses by Role 5.4 ArcSight Certification Path Micro Focus offers an ArcSight accreditation or certification. To become an Accredited Software Professional pass either the ArcSight Security Solutions exam or the ArcSight ESM Admin & Analyst exam. To become a Certified Software Expert, pass the Logger Admin & Operations hands-on exam in addition to the ArcSight ESM Advanced Analyst hands-on exam or the ArcSight ESM Advanced Admin exam. Accredited Software Professional (ASP) ArcSight Security Solutions OR ArcSight ESM Admin & Analyst Certified Software Expert (CSE) Logger Admin & Operations AND ArcSight ESM Advanced Analyst OR ArcSight ESM Advanced Admin Micro Focus Education Security Training Plan Guide Page 21 of 58

22 22 Chapter 5: Security Learning Solutions 5.5 ArcSight ESM Courses ArcSight Security Solutions ASP ArcSight Security Solutions ASP provides an introduction to the common security problems addressed by ArcSight s products. Each module provides a high-level overview of each ArcSight product and describes how it solves the security risks experienced by digitally connected organizations. Audience Recommended Skills Type Prerequisites Duration Operators, Analysts, Administrators Gathering business requirements for the ArcSight solution; Designing a simple security solution using ArcSight products ILT, VILT, Onsite None Two days Micro Focus Education Security Training Plan Guide Page 22 of 58

23 5.4 ArcSight Certification Path ArcSight ESM Administrator and Analyst ASP ArcSight ESM 6Administrator and Analyst training details the Enterprise Security Manager (ESM) product facilities while performing related tasks on a live ArcSight ESM. You use the ArcSight Console and ArcSight Command Center interfaces to monitor security events, configure ESM, and manage users and ESM network intelligence resources. Using ArcSight ESM workflow, you isolate, document, escalate, and resolve security incidents. This course enables tailoring standard ArcSight ESM content to acquire, search, and correlate actionable event data, and perform remedial activities such as incident analysis, stakeholder notification, and reporting security conditions within your network environment. Audience Recommended Skills Type Prerequisites Duration Managers, Sales, Executive users Install ESM; Create user accounts and implement built-in solutions content; Implement Network and Asset Modeling facilities; Investigate, identify, analyze, and remediate security issues; Use workflow management; Modify and run standard reports; Establish ESM peering ILT, None VILT, Onsite, elearning Four days Micro Focus Education Security Training Plan Guide Page 23 of 58

24 24 Chapter 5: Security Learning Solutions ArcSight ESM Advanced Analyst CSE ArcSight ESM Advanced Analyst provides you with the knowledge required to use advanced ArcSight ESM content to find and correlate event information, perform actions such as notifying stakeholders, analyzing event data graphically, and reporting on security incidents within your security environment. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within ArcSight ESM that provide a significant edge in detecting active attacks. This course covers the ArcSight security problem solving methodology using advanced ArcSight ESM content to find, track, and remediate security incidents. During the training, you learn to use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event. Audience Recommended Skills Type Prerequisites Duration Analysts, Senior Analysts Correlate, investigate, analyze, and remediate both exposed and obscure threats; Construct ArcSight variables to provide advanced analysis of the event stream; Develop ArcSight lists and rules to allow advanced correlation activities; Optimize event-based data monitors to provide real-time viewing of event traffic and anomalies; Design new report templates and create functional reports, Find events through the search tools ILT, VILT, Onsite None required; Recommended: ESM Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 24 of 58

25 5.4 ArcSight Certification Path ArcSight ESM Advanced Administrator ASE ArcSight ESM Advanced Administrator provides you with techniques to proactively analyze and troubleshoot the ESM CORR-Engine database and ArcSight ESM Manager to provide efficient services to your organization. This course teaches you to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between ArcSight ESM and other ArcSight appliances such as Logger, Connector Appliance, and the ArcSight Management Center products. Audience Recommended Skills Type Prerequisites Duration Administrators Design, deploy, and configure an ArcSight ESM multi-manager layout; Assess and implement integration strategies; Provide credentials for ArcSight ESM, including RADIUS and LDAP/AD; Use available ArcSight tools; Implement ArcSight best practices for backup and recovery ILT, Onsite None required; Recommended: ESM Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 25 of 58

26 26 Chapter 5: Security Learning Solutions Building Security Use Cases with ArcSight ESM Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios derived from the top business drivers in the market. Audience Recommended Skills Type Prerequisites Duration Senior Analysts Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct ArcSight Active Channels; Develop ArcSight rules; Build event-based data monitors; Package formulated ESM content ILT, Onsite None Three days Micro Focus Education Security Training Plan Guide Page 26 of 58

27 5.4 ArcSight Certification Path Creating Advanced ESM Content for Security Use Cases Creating Advanced ESM Content for Security Use Cases covers ArcSight security problem solving methodology within the ESM context. In this course, you learn advanced techniques to use ArcSight ESM content to find, track, and remediate security incidents specifically identified in the course use cases. Audience Recommended Skills Type Prerequisites Duration This advanced course is intended for those whose primary rsecurityonsibilities include defining the organization s security objectives and building ArcSight ESM content to adhere to those objectives. Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct ArcSight active channels; Develop ArcSight rules; Provide real time viewing of event traffic and anomalies; Implement custom velocity macros for notification; Package formulated ESM contents for the use case into an ArcSight resource bundle ILT, VILT, Onsite None Five days Micro Focus Education Security Training Plan Guide Page 27 of 58

28 28 Chapter 5: Security Learning Solutions 5.6 ArcSight Logger Courses ArcSight Logger Administration and Operations CSE ArcSight Logger Administration and Operations provides you the essentials of the ArcSight Logger solution, both hardware and software, as well as giving you information about how to architect a complete solution. This five-day ILT course covers the core features of the ArcSight Logger solution as well as more advanced features. Audience Recommended Skills Type Prerequisites Duration Business users, Administrators Common network device functions, such as routers, switches, and hubs; TCP/IP functions, such as CIDR blocks, subnets, addressing, communications; Windows operating system tasks, such as installations, services, sharing, and navigation ILT, VILT None ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 28 of 58

29 5.4 ArcSight Certification Path ArcSight Logger Search and Reporting ArcSight Logger Search and Reporting elearning provides you with task-focused training to quickly configure and use your Logger s event search and reporting capabilities. Learning content is specifically intended for team members of security operations, network operations, auditing, and compliance. Note: This course is a subset of the ArcSight Logger Administration and Operations course. If you have purchased or plan to purchase the ArcSight Logger Administration and Operations course, do not purchase this course. Audience Recommended Skills Type Prerequisites Duration This is a base-level course that provides you with specific end-user event search and reporting topics intended for team members of security operations, network operations, as well as personnel rsecurityonsible for auditing and compliance. Computer desktop, browser, and file system navigation skills; Basic understanding of TCP/IP networking and database concepts; Enterprise security experience ILT, None VILT, elearning ILT & VILT: 2 days elearning: Seven hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 29 of 58

30 30 Chapter 5: Security Learning Solutions 5.7 ArcSight Connectors and Connector Appliance Courses ArcSight SmartConnector Foundations and Tool Kits ArcSight SmartConnector Foundations provides you with detailed knowledge to install and configure ArcSight SmartConnectors. Included in the course are detailed walkthroughs for 11 of our most popular Smart and Flex connectors. Audience Recommended Skills Type Prerequisites Duration Administrators Install and configure SmartConnector software; Configure, enable, disable, alter, and remove SmartConnector settings elearning None Estimated eight hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 30 of 58

31 5.4 ArcSight Certification Path ArcSight FlexConnector Configuration ArcSight FlexConnector Configuration training provides you with an overview of the ArcSight SmartConnectors framework and explains the ArcSight ESM Schema. It teaches you how to construct and manipulate FlexConnector configuration and property files and use various parsing methods including fixed delimited, regular expressions, and database query. Examples from standard connectors are used to illustrate devicespecific methodologies. Advanced configuration options such as multi-line Regex, parser linking, and conditional mapping are also covered. Audience Administrators Recommended Skills Install ArcSight Connector software; Configure a functional FlexConnector and test with an ESM Active Channel; Create fixed delimited configuration files; Create common and sub-message parsing and token-to-event mapping; Create a tailored categorization file; Navigate the connector configuration file hierarchy Type Prerequisites Duration VILT None Three days Micro Focus Education Security Training Plan Guide Page 31 of 58

32 32 Chapter 5: Security Learning Solutions 5.8 ArcSight Management Center Course ArcSight Management Center Administration and Operations ArcSight Management Center (ArcMC) simplifies policy configuration, deployment maintenance and monitoring tasks. This course covers techniques needed to centralize device management, user management, and configuration management with ArcMC. Learn integration strategies to reduce daily management of ArcMC, Logger, Connector Appliance and Connectors products. Audience Recommended Skills Type Prerequisites Duration Administrators Experience administering ArcSight Connectors. Knowledge of SmartConnectors, Connector Appliance, ESM and Logger concepts. ILT, VILT None 3 days Micro Focus Education Security Training Plan Guide Page 32 of 58

33 5.4 ArcSight Certification Path ArcSight User Behavior Analytics ArcSight User Behavior Analytics ArcSight User Behavior Analytics (UBA) course provides an overview of the software from installation to management to integration with other ArcSight products. This course is intended for system administrators responsible for ongoing operations and management, and users responsible for integrating data sources in addition to security professionals, security analysts, risk and compliance officers, and IT specialists who need to use the functionality within the User Behavior Analytics. Audience Recommended Skills Type Prerequisites Duration Administrators Experience administering ArcSight Connectors. Knowledge of SmartConnectors, Connector Appliance, ESM and Logger concepts. ILT, VILT None 3 days Micro Focus Education Security Training Plan Guide Page 33 of 58

34 34 Chapter 5: Security Learning Solutions 5.10 Fortify Fortify Introduction When it comes to network and data security, it is essential that web applications are defended against threats and attacks. A common misperception is that firewalls protect an application from all attacks. While a firewall is necessary and an effective solution to control access and protect an organization, it often proves to be ineffective in preventing an application exploit. A firewall cannot protect every parameter of every application that resides behind it. Nor can it completely protect access to the applications. It is for this reason that an effective suite of tools specifically designed to protect web applications is essential. Fortify web application security solutions, available on-premise or on-demand, help you secure your software applications including legacy, mobile, third-party, and open source HP Fortify Benefits Fortify combines comprehensive static and dynamic testing technologies across 21 languages, with timely security intelligence from the HP Security Research team. Fortify can be deployed in-house, as a managed service or in a hybrid model taking advantage of the best of both worlds. This flexible delivery model allows security groups to get started quickly and scale in rsecurityonse to business changes while protecting their assets and investments in application security. These technologies, include: Fortify on Demand Fortify on Demand is a managed application security testing service that enables organizations to quickly test the application security of a few applications or launch a comprehensive security program without additional investment in software and personnel. WebInspect HP WeInspect is an automated, dynamic testing tool that mimics real-world hacking techniques and attacks, and provides comprehensive dynamic analysis of complex web applications and services. Application Defender HP s application self-protection can help you stop security threats that no one else can even see by protecting production applications from the inside. It s application security simplified. Fortify Static Code Analyzer (SCA) Fortify Static Code Analyzer provides automated static code analysis to help developers eliminate vulnerabilities and build secure software. Micro Focus Education Security Training Plan Guide Page 34 of 58

35 5.10 Fortify Fortify Learning Solutions Fortify Learning Solutions provide a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. Fortify Learning Path Micro Focus Education Security Training Plan Guide Page 35 of 58

36 36 Chapter 5: Security Learning Solutions Micro Focus Education Security Training Plan Guide Page 36 of 58

37 5.10 Fortify 37 Micro Focus Education Security Training Plan Guide Page 37 of 58

38 38 Chapter 5: Security Learning Solutions 5.11 Fortify Certification Path Fortify Certification offerings include both ASP- and ASE-level certifications for the Fortify products and solutions. To obtain the HP ASP Fortify Security v1 certification, you must successfully pass the Fortify Security Solutions ASP exam. To obtain the HP ASE Fortify Security v1 certification, you must successfully pass the Dynamic Application Testing with HP WebInspect OR the Fortify SCA/SSC exam Fortify Security Solutions ASP Fortify Security Solutions ASP training consists of two days of intensive training in application security and developing and testing software solutions using Fortify products. You will learn about the threats to applications and the architecture and operation of the Fortify solution. Through lectures and hand-on activities, you learn to implement Fortify Static Code Analyzer (SCA), Fortify Software Security Center, HP WebInspect, and Fortify Runtime. Audience Recommended Skills Type Prerequisites Duration Software Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts Knowledge of software development methodologies; Implementation of Fortify products; Knowledge of Fortify Solutions Architecture ILT and VILT None Two days Micro Focus Education Security Training Plan Guide Page 38 of 58

39 5.10 Fortify Dynamic Application Testing with WebInspect This WebInspect course outlines HPE s comprehensive, automated web application and Web services vulnerability scanning solution. In this training, security professionals and compliance auditors learn how to quickly and easily analyze the numerous web applications and web services in their environment. This course includes extensive hands-on exercises. Audience Application Developers, Application Testers Recommended Skills WebInspect licensing installation; Use of WebInspect as a dynamic analysis security testing (DAST) tool; Manual, mobile, and work-flow driven scan creation; Web macros and report creation Type Prerequisites Duration ILT None Three days Micro Focus Education Security Training Plan Guide Page 39 of 58

40 40 Chapter 5: Security Learning Solutions WebInspect Enterprise: Using and Administering The goal of this course is to introduce you to WebInspect Enterprise which manages dynamic and static scanning focuses to ensure effective and efficient application security during your SDLC. This course will demonstrate how to create and manage your automated web application vulnerability scans and provide security risk solutions. Also, this course provides participants with hands-on activities using a practical, solutionsbased approach to identify and mitigate today s biggest application security risks. Students learn to create, scan, and manage projects using both Fortify SSC (Software Security Center) and WebInspect Enterprise. Audience This course is intended for application security analysts already using WebInspect to perform DAST on their applications, as well as static analysis through SSC. It is also useful for development managers, security-focused QA testers, security leads, and auditors. Recommended Skills Basic programming skills (able to read Java, C/C++, or.net.), basic understanding of web technologies: HTTP Requests and RSecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar), familiarity with some of the most common Web application vulnerabilities (i.e. OWASP Top 10), familiarity with application security, experience working with Fortify WebInspect Type Prerequisites Duration ILT None Two days Micro Focus Education Security Training Plan Guide Page 40 of 58

41 5.10 Fortify Developing with Fortify Application Security Developing with Fortify Application Security provides participants with an introduction to application security through the context of using the Fortify Security Center Application to thwart attacks. This course provides conceptual information, as well as demonstrations and optional hands-on activities using a practical, solutions-based approach to identify and mitigate today s most common business security risks. Audience Recommended Skills Type Prerequisites Duration Application Developers, QA Testers, Security Testers, Development Managers, Security Experts Basic understanding of web technologies: HTTP requests and rsecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar) elearning None Estimated four hours, online, self-paced elearning Fortify Software Security Center/Static Code Analyzer This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today s most common business security risks. You learn to scan, assess, and secure applications using Fortify Software Security Center (SSC) and the Static Code Analyzer (SCA). This course includes extensive hands-on activities. Audience Application Developers, QA Testers, Security Testers Recommended Skills Application scanning; Security remediation; Knowledge of integrating Fortify products with current SDLC practices Type Prerequisites Duration ILT None Four days Micro Focus Education Security Training Plan Guide Page 41 of 58

42 42 Chapter 5: Security Learning Solutions Working with Fortify SCA, Audit Work Bench, and SSC Working with Fortify SCA, Audit Work Bench, and SSC provides demonstrations and optional hands-on activities using a practical, solutions-based approach to identify and mitigate today s most common business security risks. You learn to scan, assess, and secure applications using Fortify Software Security Center (SSC). Audience Recommended Skills Type Prerequisites Duration Application Developers, QA Testers, Security Experts Developing with Fortify Applications Security or equivalent knowledge; Basic programming skills (able to read Java, C/C++, or.net.); Basic understanding of web technologies: HTTP requests and rsecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar); Computer desktop, browser, and file system navigation skills elearning None Estimated seven hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 42 of 58

43 5.10 Fortify Fortify for Developers Using Plugins With the licensed Adoption Readiness Tool (ART) for this course, you can learn how to integrate Fortify with IDE Plugins (Microsoft Visual Studio and Eclipse), part of the Fortify product suite, into your software development processes to help you achieve application security. This training will help you recognize how websites get attacked as well as the OWASP Top 10 vulnerabilities to websites, so you can understand cyberattacks and their impact on applications. Then, you will learn, through the Fortify plugins (Microsoft Visual Studio and Eclipse), how to scan, analyze, and fix vulnerabilities in your application code to build secure applications. Audience Recommended Skills Type Prerequisites Duration Application Developers using the Fortify Plugins (Microsoft Visual Studio, Eclipse) Developing with Fortify Applications Security or equivalent knowledge; Basic programming skills (able to read Java, C/C++, or.net.); Basic understanding of web technologies: HTTP requests and rsecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar); Computer desktop, browser, and file system navigation skills elearning None Estimated four hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 43 of 58

44 5.12 Atalla 44 Chapter 5: Security Learning Solutions Atalla Introduction Atalla solutions safeguard data throughout its entire lifecycle at rest, in motion, in use across cloud, on-premise, and mobile environments with continuous protection. Protect, manage, and control access to sensitive data by using Atalla products and solutions Atalla Benefits Atalla Information Protection Solutions offer a suite of products that deliver information protection, seamless data security, and superior cryptography. 1. Atalla Cloud Encryption Atalla Cloud Encryption combines powerful data encryption with patented homomorphic split-key encryption technology to increase security and protect keys even when they are used in the cloud. It easily encrypts any disk or data storage unit with proven encryption algorithms such as AES-256 and makes it safe from hackers, unauthorized access, competitors, and other threats. 2. Atalla Information Proctection and Control (IPC) Atalla Information Protection and Control (IPC) Suite solves the complex challenge of providing data classification and data security by providing organizations the means to bring protection to the data itself. Atalla IPC applies protection at a point where information is created, and makes that protection persistent, so it follows the information wherever it goes. This secures sensitive data no matter where it actually resides. 3. Atalla Network Security Processor (NSP) Atalla NSP hardware security modules (HSM) are designed specifically for payment processing solutions, delivering high-performing cryptography and key management capabilities for card payment authorization and real-time fraud prevention. 4. Atalla Enterprise Secure Key Manager Enterprise Secure Key Manager (ESKM) is a complete solution for generating, storing, serving, controlling, and auditing access to data encryption keys in a secure appliance. Micro Focus Education Security Training Plan Guide Page 44 of 58

45 5.12 Atalla Atalla Learning Solutions Atalla learning solutions include product-oriented courses on the Atalla and NSP products. Atalla Learning Path Enterprise Secure Key Manager (ESKM) Training Enterprise Secure Key Manager (ESKM) Training is designed to introduce the HP ESKM product. This hands-on training includes installation of the ESKM solutions, system configuration, viewing log messages, and performing product upgrades. This course includes hands-on, interactive lab exercises. Audience Individuals working with the ESKM product Recommended Skills Basic understanding of system installations and configurations; Basic understanding of Command Line Interface (CLI) Type Prerequisites Duration ILT None One day Micro Focus Education Security Training Plan Guide Page 45 of 58

46 46 Chapter 5: Security Learning Solutions Atalla Network Security Processor (NSP) Training Atalla Network Security Processor (NSP) Training is designed to introduce the Atalla NSP product. This hands-on training introduces you to NSP features and functionality, including hardware and software features, TCP/IP configuration, and NSP configuration. This course includes hands-on, interactive lab exercises. Audience Individuals working with the NSP product Recommended Skills Understanding system installations and configurations; Understanding of Command Line Interface (CLI); Understanding of TCP/IP configuration Type Prerequisites Duration ILT None Two days Micro Focus Education Security Training Plan Guide Page 46 of 58

47 5.13 SecureData (Voltage) SecureData (Voltage) SecureData (Voltage) Introduction SecureData (Voltage) Products SecureData (formerly known as Voltage) is a leading expert in data encryption and tokenization data security solutions for thousands of mid-sized businesses including healthcare organizations, regional banks and insurance providers including transportation, retail, insurance, high tech, healthcare, telecom and the public sector. SecureData solutions provide continuous protection through data classification, data encryption, and key management, offering flexibility, reliability, and manageability SecureData Voltage Benefits SecureData Voltage Solutions offer data encryption and tokenization security solutions; across enterprise, cloud, mobile, and Big Data environments. 1. HPE Secur Easy-to-use global scale encryption inside and outside enterprise 2. SecureData Enterprise Complete Protection of PII, PHI, and PCI data for enterprises handling sensitive Information 3. SecureData for Hadoop Protect sensitive data at rest, in motion, and in use in Hadoop and Big Data systems 4. SecureData Payments End-to-end cardholder data protection for merchants and processors 5. SecureData Mobile Provides end-to-end data encryption from native mobile applications to enterprisetrusted hosts 6. SecureData Web End-to-end protection for Web transactions 7. SecureData Sandbox Step-by-step data-centric security experience for architects and developers 8. SecureData Suite for Test and Dev Data-centric protection for sensitive data in test and development environments 9. HPE SecureStorage Manage volume-level encryption for Big Data and other Linux environments 10. HPE SecureFile Enterprise document and file encryption, inside and outside the Cloud Micro Focus Education Security Training Plan Guide Page 47 of 58

48 48 Chapter 5: Security Learning Solutions SecureData Voltage Learning Solutions SecureData Voltage learning solutions include product-oriented courses on SecureData Voltage products and solutions. SecureData Voltage Learning Path Introduction to SecureData The Introduction to SecureData (formerly known as Voltage) elearning course provides a high-level overview of the SecureData suite of products and describes how these solutions work to protect sensitive data. This course is designed to equip you with the information needed to maximize the impact of SecureData products by utilizing and customizing their full range of features. In doing so, you be able to reduce downtime and costs as you leverage the strength of each product feature. Audience Recommended Skills Type Prerequisites Duration This introductory course is intended for anyone interested in learning about SecureData solutions. Basic understanding of of your organization s security requirements and Basic understanding of the SecureData solution elearning None Approximately One hour Micro Focus Education Security Training Plan Guide Page 48 of 58

49 5.13 SecureData (Voltage) Voltage SecureData Solutions Training Voltage SecureData Solutions Training is designed to help customers extend the functionality of Voltage SecureData products, aimed at meeting their organization s requirements. This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach. Audience This course is intended for all members of the project team, including security teams, architects, project managers, developers, and operations personnel. Recommended Skills Basic understanding of of your organization s security requirements and the Voltage SecureData solution Type Prerequisites Duration ILT None Two Days Micro Focus Education Security Training Plan Guide Page 49 of 58

50 Education empowers people.

51 6. Contact Us Want to enroll in a training class? Schedule onsite or web-based training? Or ask a training question? Contact us. We re here to help! Micro Focus Education operates in the Americas, Europe, Middle East, Africa, Asia Pacific and Japan. For questions about training in your region, please contact us using: Micro Focus Education From this webpage you can provide us with your contact details and descriptions concerning your inquiry. One of our regional training coordinators will be in touch to assist you. For general feedback please educationfeedback@microfocus.com Micro Focus forums and blogs Join the conversation with experts and colleagues to get advice, discuss issues, and find solutions. Register an account to post on the Community Knowledge Base. Micro Focus Education Terms and Conditions Micro Focus Education Security Training Plan Guide Page 51 of 58

52 This page intentionally left blank.

53 7. The Other Training Plan Guides Want to learn about courses from Application Delivery Management, Cloud Automation, Business Service Management, Service Portfolio Management, Enterprise Security Products, or Big Data? Visit the Training Plan Guide portal to see the other Training Plan Guides. Application Delivery Management Application Delivery Management (ADM) solutions help you release applications faster through improved collaboration, traceability, and productivity. This Training Plan Guide provides an overview all offerings within the ADM portfolio including ALM, ALM Octane, Unified Functional Testing, LeanFT, Performance Center, LoadRunner, StormRunner Load and Mobile Center. Cloud and Automation The adoption of mobility and cloud computing is accelerating the application life cycle and increasing pressure to take a user-centric approach to design and delivery. This Training Plan Guide overviews all offerings within the Cloud and Automation portfolio. Micro Focus Education Security Training Plan Guide Page 53 of 58

54 54 Chapter 7: The Other Training Plan Guides Application Performance Management Application Performance Management (APM) blurb Ops Bridge blurb Network Operations Management Suite blurb Dev Ops Micro Focus provide the consultancy and expertise needed to realize business value from Micro Focus Software. Micro Focus Education provides training on Micro Focus DevOps Solutions and third party software to drive adoption and maximize your business value. The Education available includes: DevOps training, Agile Training and IT4IT training. IT Service Management Micro Focus IT Service Management software and solutions allow you to access comprehensive IT and business services that propel your enterprise to growth and innovation. This Training Plan Guide overviews all offerings within the IT Service Management portfolio. Information Management & Governance Micro Focus Information Governance solutions efficiently protect a new generation of Big Data, which is spread across a range of locations, applications, and formats. Our solutions deliver comprehensive, easy-to-use data protection that maximizes storage efficiency and performance. Check out the Training Plan Guide to learn more. Vertica Vertica allows you to manage and analyze massive volumes of structured and semistructured data quickly and reliably. This guide outlines our ever-growing portfolio of courses on managing your Vertica environment and performing in-depth analysis of your data. Security Products From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. Micro Focus Security Products is our answer to these threats and attacks. This Training Plan Guide overviews all offerings within the Security portfolio. Micro Focus Education Security Training Plan Guide Page 54 of 58

55 Security Awareness By now, security education should be a top priority for any organization with information to protect, which is EVERY organization. Technology is a credible line of defense, but it cannot be the only one. Your employees need to know how they can help protect your company s sensitive data and be motivated by why they should care about protecting it. By simply educating your employees on security best practices, you can prevent 40% of data breaches caused at organizations by careless or unwitting insiders. This Training Plan Guide lists all the Security Awareness learning solutions. 55 Micro Focus Education Security Training Plan Guide Page 55 of 58

56 Index Accreditation, 11 ArcSight Creating Advanced ESM Content for Security Use Cases, 27 ArcMC, 32 Benefits, 20 Building Security Use Cases with ESM, 26 Certification Path, 21 ESM 6.5 Administrator and Analyst ASP, 23 ESM Advanced Administrator ASE, 25 ESM Advanced Analyst CSE, 24 FlexConnector Configuration, 31 Learning Solutions, 20 Logger Administration and Operations CSE, 28 Logger Search and Reporting, 29 Security Solutions ASTP, 22 SmartConnector Foundations and Tool Kits, 30 UBA, 33 Atalla, 44 Benefits, 44 Enterprise Secure Key Manager (ESKM) Training, 45 Introduction, 44 Learning Solutions, 45 Network Security Processor (NSP) Training, 46 Best Defense Is a Good Offense, 10 Certifications, 11 Contact Us, 51 Education, 13 Control, 13 Getting Ahead of the Game, 14 Protecting your Investment, 14 Return on Investment, 14 Time to Market, 14 Enterprise Security Products Approach, 9 Fortify, 34 Benefits, 34 Certification Path, 38 Developing with Fortify Application Security, 41 Fortify for Developers Using Plugins, 43 Introduction, 34 Learning Solutions, 35 Security Solutions ASP, 38 Micro Focus Education Security Training Plan Guide Page 56 of 58