Security Products Training Plan Guide

Transcription

1 Mi cr ofocuseducat i on Security Products Training Plan Guide

2 Copyright 2018 Micro Focus. All rights reserved. Published by Micro Focus Micro Focus. The information contained herein is subject to change without notice. The only warranties for Micro Focus products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. Trademark acknowledgments if needed. This material ( Material ) may contain branding from Hewlett-Packard Company (now HP Inc.) and Micro Focus Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Micro Focus/HPE marks is historical in nature, and the HP and Micro Focus/HPE marks are the property of their respective owners. First printing, January 2015 Last Updated: January 17, 2018

3 Contents 1 Security Products A Proactive Approach to Information Security The Enterprise Security Landscape The Best Defense Is a Good Offense Security Products Security Services Security Research Micro Focus Certification and Accreditation Micro Focus Education Control Protecting your Investment Time to Market Return on Investment Getting Ahead of the Game Training Delivery Options Instructor Led Training (ILT) Virtual Instructor Led Training (VILT) elearning Self-Study

4 3.5 Tailored Training Our Instructors Make It Interesting Make It Relevant Security Learning Solutions Security Introduction ArcSight Benefits ArcSight Learning Solutions ArcSight Learning Path ArcSight Certification Path ArcSight ESM Courses ArcSight Security Solutions ASP ArcSight ESM Administrator and Analyst ASP ArcSight ESM Advanced Analyst CSE ArcSight ESM Advanced Administrator ASE Building Security Use Cases with ArcSight ESM Creating Advanced ESM Content for Security Use Cases ArcSight Logger Courses ArcSight Logger Administration and Operations CSE ArcSight Logger Search and Reporting ArcSight Connectors and Connector Appliance Courses ArcSight SmartConnector Foundations and Tool Kits ArcSight FlexConnector Configuration ArcSight Management Center Course ArcSight Management Center Administration and Operations ArcSight User Behavior Analytics ArcSight User Behavior Analytics Fortify Fortify Introduction Fortify Benefits Fortify Learning Solutions Fortify Certification Path Fortify Security Solutions ASP Dynamic Application Testing with WebInspect WebInspect Enterprise: Using and Administering WebInspect Foundations Fortify Static Code Analyzer (SCA) - Software Security Center (SSC)

5 Fortify Foundations Fortify Audit Assistant Atalla Atalla Introduction Atalla Benefits Atalla Learning Solutions Enterprise Secure Key Manager (ESKM) Training Atalla Hardware Security Module (HSM) Training SecureData (formally Voltage) SecureData Introduction SecureData Benefits SecureData Learning Path Introduction to SecureData SecureData Foundations Contact Us The Other Training Plan Guides Index

6 This page intentionally left blank.

7 Trained users require 6x less support than untrained users.

8 This page intentionally left blank.

9 1. Security Products From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. Micro Focus Security Products is our answer to these threats and attacks. 1.1 A Proactive Approach to Information Security Micro Focus Security products and services help organizations meet the security demands of a rapidly changing and more dangerous world. Security enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis, and network-level defense mechanisms unifying the components of a complete security program and reducing risk across your enterprise. 1.2 The Enterprise Security Landscape Micro Focus is changing the enterprise security landscape with advanced security solutions that uniquely leverage leading threat research and powerful correlation of security events and vulnerabilities to deliver security intelligence spanning IT operations, applications, and infrastructure. Micro Focus Education Security Training Plan Guide Page 9 of 56

10 10 Chapter 1: Security Products Micro Focus comprehensive approach has you covered: we disrupt your adversaries, manage your risk, and extend your capabilities. This strengthens your security posture to minimize incidence impact and control costs while expanding insight for better decisions. 1.3 The Best Defense Is a Good Offense When today s IT is faced with sophisticated threats, it s essential to have the right security solutions to protect your business. With an army of experts and arsenal of products, we work proactively across technologies to keep your data safe. Micro Focus draws on decades of security experience to take the fight to adversaries before they attack. We can help you predict and disrupt threats, manage risk and compliance, and extend your own security team. 1.4 Security Products Take a proactive approach to security that integrates security information and event management (SIEM), application analysis, and network-level defense. 1.5 Security Services Implement a strategy to mitigate risk and avoid costly penalties for non-compliance. Micro Focus can detect intrusions within 12 minutes of arrival and resolve 92% of major incidents within 2 hours of identification. And we provide tools, teams, and processes to comply with PCI, SOX, HIPAA, and EU Data. 1.6 Security Research Micro Focus conducts innovative research and provides industry-leading protection against the latest threats. Security research publications and regular threat briefings include regular updates on the latest threats, Zero-Day initiatives, and application vulnerabilities. Micro Focus Education Security Training Plan Guide Page 10 of 56

11 1.7 Micro Focus Certification and Accreditation Micro Focus Certification and Accreditation Technology professionals today need to be effective in this New Style of Business. Micro Focus provides a flexible approach to performance improvement for the technical software professional motivated by continuous learning and achievement. Accreditation and certifications help you demonstrate your commitment, improve your skills, and build confidence in your knowledge of the product or solution. ACCREDITATION WHAT IT MEANS EXAM Accredited Software Professional (ASP) Accredited Solutions Expert (ASE) Introductory level certification. The individual understands the fundamental concepts, terms, technologies, and processes needed to implement and design Micro Focus solutions, install and configure equipment and software, and administer and support the solutions. Indicates advanced technical skills for enterprise technologies. This person can design, implement, administer, or deploy and support IT solutions aligned to a specific job role. Online exam to be taken at will after class attendance. Online exam to be taken at will after class attendance. CERTIFICATION WHAT IT MEANS EXAM Certified Software Professional (CSP) Certified Solutions Expert (CSE) Introductory level certification. The individual understands the fundamental concepts, terms, technologies, and processes needed to implement and design Micro Focus solutions, install and configure equipment and software, and administer and support the solutions. Indicates Advanced technical certification for enterprise technologies. This person can design, implement, administer, or deploy and support IT solutions aligned to a specific job role. This online exam is proctored by the instructor on the final day of class. This advanced technical exam models a practicum hands-on scenario and is proctored by the instructor on the final day of class. Prerequisite is class completion prior to enrollment in exam. Micro Focus Education Security Training Plan Guide Page 11 of 56

12 This page intentionally left blank.

13 2. Micro Focus Education The mission of the Education organization is to deliver the best possible Security Products learning experience. With a global team of experienced trainers and subject matter experts, our business offers you well-designed training courses across the entire range of Information Management solutions. We educate you, support you, and put you in control of your investment to ensure real-world success. 2.1 Control Enterprise Software drives your business forward by automating processes and increasing efficiencies. Your cutting-edge investment requires end users who know how to get the most out of the technology. Meanwhile, your technical staff must learn how to configure, optimize, maintain, and administer the technology. Training addresses the needs of both of these users, giving them the knowledge to take control. Micro Focus Education Security Training Plan Guide Page 13 of 56

14 14 Chapter 2: Micro Focus Education 2.2 Protecting your Investment It s one thing to buy a plane, but quite another to fly it! You ve made the right decision to invest in Micro Focus Software technologies. Now is the time to invest in your team, to train them on the solution and equip them with the knowledge to get the best out of the technology. Learning from the professionals ensures that you are protecting that investment. As a result, your team will navigate and fly in the right direction. 2.3 Time to Market Enabling your team means your project will run more smoothly and efficiently and reach completion in shorter time frames. Our education services reinforce formal classroom instruction with extensive hands-on practical experience. The majority of the classes are in a workshop environment that challenges the trainee, aids them during the learning process, and accelerates the knowledge transfer. The earlier your team gains expertise, the more successful your project will be. Analyst reports suggest that 75% of managers believe effective training will increases the chances of a project meeting its deadlines. Furthermore, 80% of IT managers believe effective training is critical to the success of a project. 2.4 Return on Investment Cost is always a key consideration; education offers a way to lower the total cost of ownership. Our education courses present your team members with best practices in design, deployment, and administration of your Micro Focus Software solutions. This translates into decreased technical support costs, lower ongoing administrative overhead, and the ability to work more effectively with our Consulting Services. Effective learning also leads to lower hardware costs with better-configured systems, decreased network load, and increased return on investment for integrated third-party applications. Thus, our training results in a return on multiple levels. 2.5 Getting Ahead of the Game The learning curve never stops, so if you want to lead the market with cutting-edge, worldclass solutions you need to give your team the training they need to keep you competitive. Micro Focus Education Security Training Plan Guide Page 14 of 56

15 3. Training Delivery Options Micro Focus Education wants your Security Products training delivered in the environment best suited to your needs. 3.1 Instructor Led Training (ILT) Micro Focus Education operates instructor-led training sessions in facilities around the globe. Each course is designed to provide students with hands-on experience and is labbased to keep learning practical. The class experience offers students the opportunity to personally interact with one of our certified instructors who has extensive experience and industry knowledge. We have a range of courses designed to accommodate both beginner and advanced students. To ensure that adequate attention is provided to each student attending an instructor-led class, Education maintains class sizes between six to twelve participants. Education also provides Instructor-Led on-site training and this is most convenient when your team members are located in the same region. As long as the host provides adequate on-site training facilities, Education will send one of our instructors to your chosen site to conduct the training. We then deliver standard or customized training that addresses your unique business needs. Please note that the maximum class size for on-site training is limited to 12 students to ensure that adequate individual attention is provided. The benefits of on-site training are identical to VILT training with the added benefit of receiving face-to-face training in your domain. Micro Focus Education Security Training Plan Guide Page 15 of 56

16 16 Chapter 3: Training Delivery Options 3.2 Virtual Instructor Led Training (VILT) Virtual Instructor Led Training (VILT) classes are a good alternative to sending your staff to a public training course. This option reduces travel and expense costs in the event your staff are geographically dispersed. Furthermore, VILT saves valuable time by permitting the student to stay in the office during the training sessions. VILT are live, instructor-led sessions. Students connect to the virtual classroom using their own computer, telephone, or Internet connection. VILT instructors facilitate live sessions for participants around the globe. 3.3 elearning Micro Focus elearning is interactive Web-based training that gets teams up to speed fast and is available on-demand 24x7. With hands-on exercises and easy-to-follow instructions, Micro Focus elearning emphasizes key learning points and can support your team either as stand-alone learning or as a supplement to traditional training programs. Micro Focus Education also offers a tailored elearning service to meet your business requirements. 3.4 Self-Study Our new self-study courses make learning easier and more enjoyable than ever. This offering allows participants to learn about a product by reading the course manual and then practice what they have learned by stepping through detailed hands-on exercises using a dedicated remote lab environment. This means participants do not need to lose valuable working hours traveling to a training location, and they have the flexibility to learn during business hours, or during evenings and weekends. 3.5 Tailored Training From a detailed training needs analysis through to building custom training courses, Micro Focus Education can address your unique business needs. Micro Focus Education Security Training Plan Guide Page 16 of 56

17 4. Our Instructors The Security Products learning experience we deliver is the most important aspect of our service. For this reason Micro Focus provides the highest quality trainers in the industry. Our instructors are dedicated full-time professionals, highly trained as subject matter experts in their field. 4.1 Make It Interesting Our instructors deliver training with enthusiasm and are respectful of students and their needs at all times. It is through this process and our structured learning development philosophy that our classes are greatly valued and appreciated by participants. 4.2 Make It Relevant The key to effective and enjoyable training is to deliver material in a structured and wellorganized manner, with clear learning objectives and multiple methods of assessment to measure and improve student progress. With many years of teaching experience, our instructors deliver engaging training courses, ensuring that all students enjoy achieving their set learning objectives. Micro Focus Education Security Training Plan Guide Page 17 of 56

18 Training is an investment in your organization and in your people.

19 5. Security Learning Solutions Micro Focus Education offers a wide variety of Security training courses, from basic to advanced, from business and end-user to technical administrator and developer to enhance your knowledge of the various Security platforms. 5.1 Security Introduction Security enables organizations to build security and resiliency into the fabric of their enterprises to proactively detect and respond to cyber threats. Delivering an integrated suite of market-leading products, services, threat intelligence and security research, Micro Focus Security helps organizations strengthen their security posture, while safeguarding continuity and compliance to effectively mitigate risk and incident impact. With a global network of security operations centers and more than 5,000 IT security experts, Micro Focus Security empowers customers and partners to safely operate and innovate while keeping pace with the speed of today s idea economy. Micro Focus Education Security Training Plan Guide Page 19 of 56

20 20 Chapter 5: Security Learning Solutions ArcSight Benefits The ArcSight approach helps safeguard business data by giving users complete visibility into activity across the IT infrastructure through use of the following solutions: ArcSight Data Platform (ADP) ArcSight Data Platform offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Its open architecture message bus allows you to connect your existing data lakes, analytics tools, and other security technologies directly into the SOC, thus enabling you to send data from anywhere to anywhere. ADP includes Logger, ArcMC, Event Broker and Connectors. ArcSight Investigate ArcSight Investigate is an intuitive hunt and investigation solution built for Security Analysts to proactively hunt and defeat unknown threats and decrease the impact of security incidents Enterprise Security Management (ESM) Timely, accurate security intelligence that helps you improve response time and productivity. ArcSight Express The all-in-one SIEM appliance collects log activity from any data source, consolidates the information for maximum storage efficiency and correlates the events in multiple dimensions-by identity, vulnerability, asset, time, statistical calculations, patterns, and other events-so customers can detect advanced threats and respond before they cause damage. ArcSight Management Center (ArcMC) Centrally manage your ArcSight deployments through a unified interface. User Behavior Analytics (UBA) ArcSight UBA enables detection of advanced user and entity-based threats, and when used in conjunction with an installation of Security ArcSight SIEM, can leverage the same operational teams, data feeds, and incident response processes already in place. This, in turn, drives investigation efficiency and operational savings. 5.2 ArcSight Learning Solutions Learn from a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. 5.3 ArcSight Learning Path ArcSight learning solutions prepare you for fast implementation and efficient operation. Learn from a full assortment of role-based, product-oriented courses. Micro Focus Education Security Training Plan Guide Page 20 of 56

21 5.4 ArcSight Certification Path 21 Executive User SOC Operator Administrator Analyst Senior Analyst ArcSight Security Solutions ArcSight Administrator & Analyst ArcSight Administrator ArcSight Advanced Analyst Use Case Foundations Creating Advanced Content for Use Case Recommended ESM Courses by Role 5.4 ArcSight Certification Path Micro Focus offers an ArcSight accreditation or certification. To become an Accredited Software Professional pass either the ArcSight Security Solutions exam or the ArcSight ESM Admin & Analyst exam. To become a Certified Software Expert, pass the Logger Admin & Operations hands-on exam in addition to the ArcSight ESM Advanced Analyst hands-on exam or the ArcSight ESM Advanced Admin exam. Certified Software Expert (CSE) Accredited Software Professional (ASP) ArcSight ESM Admin & Analyst Logger Admin & Operations AND ArcSight ESM Advanced Analyst OR ArcSight ESM Advanced Admin Micro Focus Education Security Training Plan Guide Page 21 of 56

22 22 Chapter 5: Security Learning Solutions 5.5 ArcSight ESM Courses ArcSight Security Solutions ASP ArcSight Security Solutions ASP provides an introduction to the common security problems addressed by ArcSight s products. Each module provides a high-level overview of each ArcSight product and describes how it solves the security risks experienced by digitally connected organizations. Audience Recommended Skills Type Prerequisites Duration Operators, Analysts, Administrators Gathering business requirements for the ArcSight solution; Designing a simple security solution using ArcSight products ILT, VILT, Onsite None Two days Micro Focus Education Security Training Plan Guide Page 22 of 56

23 5.4 ArcSight Certification Path ArcSight ESM Administrator and Analyst ASP ArcSight ESM 6Administrator and Analyst training details the Enterprise Security Manager (ESM) product facilities while performing related tasks on a live ArcSight ESM. You use the ArcSight Console and ArcSight Command Center interfaces to monitor security events, configure ESM, and manage users and ESM network intelligence resources. Using ArcSight ESM workflow, you isolate, document, escalate, and resolve security incidents. This course enables tailoring standard ArcSight ESM content to acquire, search, and correlate actionable event data, and perform remedial activities such as incident analysis, stakeholder notification, and reporting security conditions within your network environment. Audience Recommended Skills Type Prerequisites Duration Managers, Sales, Executive users Install ESM; Create user accounts and implement built-in solutions content; Implement Network and Asset Modeling facilities; Investigate, identify, analyze, and remediate security issues; Use workflow management; Modify and run standard reports; Establish ESM peering ILT, None VILT, Onsite, elearning Four days Micro Focus Education Security Training Plan Guide Page 23 of 56

24 24 Chapter 5: Security Learning Solutions ArcSight ESM Advanced Analyst CSE ArcSight ESM Advanced Analyst provides you with the knowledge required to use advanced ArcSight ESM content to find and correlate event information, perform actions such as notifying stakeholders, analyzing event data graphically, and reporting on security incidents within your security environment. You will familiarize and/or reinforce your understanding of the advanced correlation capabilities within ArcSight ESM that provide a significant edge in detecting active attacks. This course covers the ArcSight security problem solving methodology using advanced ArcSight ESM content to find, track, and remediate security incidents. During the training, you learn to use variables and correlation activities, customize report templates for dynamic content, and customize notification templates to send the appropriate notification based upon specific attributes of an event. Audience Recommended Skills Type Prerequisites Duration Analysts, Senior Analysts Correlate, investigate, analyze, and remediate both exposed and obscure threats; Construct ArcSight variables to provide advanced analysis of the event stream; Develop ArcSight lists and rules to allow advanced correlation activities; Optimize event-based data monitors to provide real-time viewing of event traffic and anomalies; Design new report templates and create functional reports, Find events through the search tools ILT, VILT, Onsite None required; Recommended: ESM Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 24 of 56

25 5.4 ArcSight Certification Path ArcSight ESM Advanced Administrator ASE ArcSight ESM Advanced Administrator provides you with techniques to proactively analyze and troubleshoot the ESM CORR-Engine database and ArcSight ESM Manager to provide efficient services to your organization. This course teaches you to design and deploy hierarchical, fault tolerant manager implementations as well integration strategies between ArcSight ESM and other ArcSight appliances such as Logger, Connector Appliance, and the ArcSight Management Center products. Audience Recommended Skills Type Prerequisites Duration Administrators Design, deploy, and configure an ArcSight ESM multi-manager layout; Assess and implement integration strategies; Provide credentials for ArcSight ESM, including RADIUS and LDAP/AD; Use available ArcSight tools; Implement ArcSight best practices for backup and recovery ILT, Onsite None required; Recommended: ESM Admin and Analyst ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 25 of 56

26 26 Chapter 5: Security Learning Solutions Building Security Use Cases with ArcSight ESM Building Security Use Cases with ArcSight ESM provides you with detailed knowledge of the ArcSight security problem solving methodology within the ESM context. In this course, you learn the methodologies to develop use cases for current business scenarios derived from the top business drivers in the market. Audience Recommended Skills Type Prerequisites Duration Senior Analysts Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct ArcSight Active Channels; Develop ArcSight rules; Build event-based data monitors; Package formulated ESM content ILT, Onsite None Three days Micro Focus Education Security Training Plan Guide Page 26 of 56

27 5.4 ArcSight Certification Path Creating Advanced ESM Content for Security Use Cases Creating Advanced ESM Content for Security Use Cases covers ArcSight security problem solving methodology within the ESM context. In this course, you learn advanced techniques to use ArcSight ESM content to find, track, and remediate security incidents specifically identified in the course use cases. Audience Recommended Skills Type Prerequisites Duration This advanced course is intended for those whose primary rsecurityonsibilities include defining the organization s security objectives and building ArcSight ESM content to adhere to those objectives. Define use cases; Generate requirement statements and prioritize objectives; Identify data sources and ESM resources; Create identified ESM content; Construct ArcSight active channels; Develop ArcSight rules; Provide real time viewing of event traffic and anomalies; Implement custom velocity macros for notification; Package formulated ESM contents for the use case into an ArcSight resource bundle ILT, VILT, Onsite None Five days Micro Focus Education Security Training Plan Guide Page 27 of 56

28 28 Chapter 5: Security Learning Solutions 5.6 ArcSight Logger Courses ArcSight Logger Administration and Operations CSE ArcSight Logger Administration and Operations provides you the essentials of the ArcSight Logger solution, both hardware and software, as well as giving you information about how to architect a complete solution. This five-day ILT course covers the core features of the ArcSight Logger solution as well as more advanced features. Audience Recommended Skills Type Prerequisites Duration Business users, Administrators Common network device functions, such as routers, switches, and hubs; TCP/IP functions, such as CIDR blocks, subnets, addressing, communications; Windows operating system tasks, such as installations, services, sharing, and navigation ILT, VILT None ILT: Five days VILT: Four days Note: The VILT version of the course does not include the certification exam. Micro Focus Education Security Training Plan Guide Page 28 of 56

29 5.4 ArcSight Certification Path ArcSight Logger Search and Reporting ArcSight Logger Search and Reporting elearning provides you with task-focused training to quickly configure and use your Logger s event search and reporting capabilities. Learning content is specifically intended for team members of security operations, network operations, auditing, and compliance. Note: This course is a subset of the ArcSight Logger Administration and Operations course. If you have purchased or plan to purchase the ArcSight Logger Administration and Operations course, do not purchase this course. Audience Recommended Skills Type Prerequisites Duration This is a base-level course that provides you with specific end-user event search and reporting topics intended for team members of security operations, network operations, as well as personnel rsecurityonsible for auditing and compliance. Computer desktop, browser, and file system navigation skills; Basic understanding of TCP/IP networking and database concepts; Enterprise security experience ILT, None VILT, elearning ILT & VILT: 2 days elearning: Seven hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 29 of 56

30 30 Chapter 5: Security Learning Solutions 5.7 ArcSight Connectors and Connector Appliance Courses ArcSight SmartConnector Foundations and Tool Kits ArcSight SmartConnector Foundations provides you with detailed knowledge to install and configure ArcSight SmartConnectors. Included in the course are detailed walkthroughs for 11 of our most popular Smart and Flex connectors. Audience Recommended Skills Type Prerequisites Duration Administrators Install and configure SmartConnector software; Configure, enable, disable, alter, and remove SmartConnector settings elearning None Estimated eight hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 30 of 56

31 5.4 ArcSight Certification Path ArcSight FlexConnector Configuration ArcSight FlexConnector Configuration training provides you with an overview of the ArcSight SmartConnectors framework and explains the ArcSight ESM Schema. It teaches you how to construct and manipulate FlexConnector configuration and property files and use various parsing methods including fixed delimited, regular expressions, and database query. Examples from standard connectors are used to illustrate devicespecific methodologies. Advanced configuration options such as multi-line Regex, parser linking, and conditional mapping are also covered. Audience Administrators Recommended Skills Install ArcSight Connector software; Configure a functional FlexConnector and test with an ESM Active Channel; Create fixed delimited configuration files; Create common and sub-message parsing and token-to-event mapping; Create a tailored categorization file; Navigate the connector configuration file hierarchy Type Prerequisites Duration VILT None Three days Micro Focus Education Security Training Plan Guide Page 31 of 56

32 32 Chapter 5: Security Learning Solutions 5.8 ArcSight Management Center Course ArcSight Management Center Administration and Operations ArcSight Management Center (ArcMC) simplifies policy configuration, deployment maintenance and monitoring tasks. This course covers techniques needed to centralize device management, user management, and configuration management with ArcMC. Learn integration strategies to reduce daily management of ArcMC, Logger, Connector Appliance and Connectors products. Audience Recommended Skills Type Prerequisites Duration Administrators Experience administering ArcSight Connectors. Knowledge of SmartConnectors, Connector Appliance, ESM and Logger concepts. ILT, VILT None 3 days Micro Focus Education Security Training Plan Guide Page 32 of 56

33 5.4 ArcSight Certification Path ArcSight User Behavior Analytics ArcSight User Behavior Analytics ArcSight User Behavior Analytics (UBA) course provides an overview of the software from installation to management to integration with other ArcSight products. This course is intended for system administrators responsible for ongoing operations and management, and users responsible for integrating data sources in addition to security professionals, security analysts, risk and compliance officers, and IT specialists who need to use the functionality within the User Behavior Analytics. Audience Recommended Skills Type Prerequisites Duration Administrators Experience administering ArcSight Connectors. Knowledge of SmartConnectors, Connector Appliance, ESM and Logger concepts. ILT, VILT None 3 days Micro Focus Education Security Training Plan Guide Page 33 of 56

34 34 Chapter 5: Security Learning Solutions 5.10 Fortify Fortify Introduction When it comes to network and data security, it is essential that web applications are defended against threats and attacks. A common misconception is that firewalls protect an application from all attacks. While a firewall is necessary and an effective solution to control access and protect an organization, it often proves to be ineffective in preventing an application exploit. A firewall cannot protect every parameter of every application that resides behind it. Nor can it completely protect access to the applications. It is for this reason that an effective suite of tools specifically designed to protect web applications is essential. Fortify web application security solutions, available on-premise or on-demand, help you secure your software applications including legacy, mobile, third-party, and open source Fortify Benefits Fortify combines comprehensive static and dynamic testing technologies across 21 languages, with timely security intelligence from the Security Research team. Fortify can be deployed in-house, as a managed service or in a hybrid model taking advantage of the best of both worlds. This flexible delivery model allows security groups to get started quickly and scale in Security for their organization while protecting assets and investments in their applications. These technologies, include: Fortify on Demand Fortify on Demand (FoD) is a managed application security testing service that enables organizations to quickly test the application security of a few applications or launch a comprehensive security program without additional investment in software and personnel. WebInspect WebInspect is an automated, dynamic testing tool that mimics real-world hacking techniques and attacks, and provides comprehensive dynamic analysis of complex web applications and services. Application Defender This application self-protection can help you stop security threats that no one else can even see by protecting production applications from the inside. It s application security simplified. Fortify Static Code Analyzer (SCA) and Software Security Center (SSC) Fortify SCA and SSC provides automated static code analysis to help developers eliminate vulnerabilities, build secure software, and manage both their Dynamic and Static code application testing. Micro Focus Education Security Training Plan Guide Page 34 of 56

35 5.11 Fortify Certification Path Fortify Learning Solutions Fortify Learning Solutions provide a full assortment of role-based, product-oriented courses with delivery options designed to support the most demanding security needs. Fortify Learning Path All users Fortify Security Solutions ATP Application Developers, Security Testers Fortify SSC/SCA Fortify for Developers using Plugins Fortify Foundations Fortify Audit Assistant WebInspect Enterprise: Using and Administering Dynamic Application Testing with WebInspect 5.11 Fortify Certification Path Fortify Certification offerings include both ASP- and ASE-level certifications for the Fortify products and solutions. To obtain the ASP Fortify Security v1 certification, you must successfully pass the Fortify Security Solutions ASP exam. To obtain the ASE Fortify Security v1 certification, you must successfully pass the Dynamic Application Testing with WebInspect OR the Fortify SCA/SSC exam. Accredited Software Professional (ASP) Fortify Security Solutions ASP Certified Software Expert (CSE) Dynamic Application Testing with WebInspect Fortify SCA/SSC Micro Focus Education Security Training Plan Guide Page 35 of 56

36 36 Chapter 5: Security Learning Solutions Fortify Security Solutions ASP Fortify Security Solutions ASP training consists of two days of intensive training in application security and developing and testing software solutions using Fortify products. You will learn about the threats to applications and the architecture and operation of the Fortify solution. Through lectures and hand-on activities, you learn to implement Fortify Static Code Analyzer (SCA), Fortify Software Security Center, WebInspect, and WebInspect Enterprise. Audience Recommended Skills Type Prerequisites Duration Software Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts Knowledge of software development methodologies; Implementation of Fortify products; Knowledge of Fortify Solutions Architecture ILT and VILT None Two days Micro Focus Education Security Training Plan Guide Page 36 of 56

37 5.11 Fortify Certification Path Dynamic Application Testing with WebInspect This WebInspect course outlines the comprehensive, automated web application, Web services, and Mobile vulnerability scanning solution. In this training, security professionals and compliance auditors learn how to quickly and easily analyze the numerous web applications and web services in their environment. This course includes extensive hands-on exercises. Audience Application Developers, Application Testers Recommended Skills WebInspect licensing installation; Use of WebInspect as a dynamic analysis security testing (DAST) tool; Manual, mobile, and work-flow driven scan creation; Web macros and report creation Type Prerequisites Duration ILT None Three days Micro Focus Education Security Training Plan Guide Page 37 of 56

38 38 Chapter 5: Security Learning Solutions WebInspect Enterprise: Using and Administering The goal of this course is to introduce you to WebInspect Enterprise which manages dynamic and static scanning focuses to ensure effective and efficient application security during your SDLC. This course will demonstrate how to create and manage your automated web application vulnerability scans and provide security risk solutions. Also, this course provides participants with hands-on activities using a practical, solutionsbased approach to identify and mitigate today s biggest application security risks. Students learn to create, scan, and manage projects using both Fortify SSC (Software Security Center) and WebInspect Enterprise. Audience This course is intended for application security analysts already using WebInspect to perform DAST on their applications, as well as static analysis through SSC. It is also useful for development managers, security-focused QA testers, security leads, and auditors. Recommended Skills Basic programming skills (able to read Java, C/C++, or.net.), basic understanding of web technologies: HTTP Requests and RSecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar), familiarity with some of the most common Web application vulnerabilities (i.e. OWASP Top 10), familiarity with application security, experience working with Fortify WebInspect Type Prerequisites Duration ILT None Two days Micro Focus Education Security Training Plan Guide Page 38 of 56

39 5.11 Fortify Certification Path WebInspect Foundations With the licensed Adoption Readiness Tool (ART) for this course, learn how to dynamically scan Web application, services, and mobile devices to find vulnerabilities, remediate, and report any issues WebInspect discovers. This course is intended to answer application security tester s basic WebInspect usage questions. At the end of this course, you will be able to effectively work within WebInspect producing Dynamic Application Security Testing (DAST) to eliminate vulnerabilities and keep up with compliancy before and during your Web application launch. This course includes extensive simulated exercises. Audience Recommended Skills Type Prerequisites Duration Application Developers, QA Testers, Security Testers, Development Managers, Security Experts Basic understanding of web technologies: HTTP requests and responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar) elearning None Estimated four hours, online, self-paced elearning Fortify Static Code Analyzer (SCA) - Software Security Center (SSC) This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today s most common business security risks. You learn to scan, assess, and secure applications using Fortify SSC and the SCA. This course includes extensive hands-on activities. Audience Application Developers, QA Testers, Security Testers Recommended Skills Application scanning; Security remediation; Knowledge of integrating Fortify products with current SDLC practices Type Prerequisites Duration ILT None Four days Micro Focus Education Security Training Plan Guide Page 39 of 56

40 40 Chapter 5: Security Learning Solutions Fortify Foundations This course introduces you to the basics of application security and the role of Fortify. You will learn how to exploit attacks, as well as formulate a threat model and risk assessment for your Application Development Life-Cycle for securing your organization s applications. You will also learn how to use Fortify Static Code Analysis, Audit Workbench (AWB), Scan Wizard, Custom Rules Editor, and Software Security Center (SSC) products to help you achieve secure applications. With hands-on simulations, you will learn how to find and group issues, as well as remediate those issues. You will learn how to effectively administrate Fortify, produce a custom Data Validation rule, read the analysis trace, integrate the AWB with the SSC and manage the SSC for developers, and generate reports. Audience Recommended Skills Type Prerequisites Duration Application Developers, QA Testers, Security Experts Developing with Fortify Applications Security or equivalent knowledge; Basic programming skills (able to read Java, C/C++, or.net.); Basic understanding of web technologies: HTTP requests and rsecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar); Computer desktop, browser, and file system navigation skills elearning None Estimated 12 hours (part 1 four hours & part 2 eight hours), online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 40 of 56

41 5.11 Fortify Certification Path Fortify Audit Assistant With the licensed Adoption Readiness Tool (ART) for this course, learn the basics of the Fortify Audit Assistant (AA) add-on for the Fortify Software Security Center and Scan Analytics Tenant. You will learn to define classifiers and prediction policies from the Fortify Scan Analytics tenant and leverage the community intelligence metadata. Then configure your SSC and utilize the AA predictions to identify relevant security issues from your scanned applications. Audience Recommended Skills Type Prerequisites Duration Application Developers Developing with Fortify Applications Security or equivalent knowledge; Basic programming skills (able to read Java, C/C++, or.net.); Basic understanding of web technologies: HTTP requests and rsecurityonses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP, or similar); Computer desktop, browser, and file system navigation skills elearning None Estimated two hours, online, self-paced elearning Micro Focus Education Security Training Plan Guide Page 41 of 56

42 5.12 Atalla 42 Chapter 5: Security Learning Solutions Atalla Introduction Atalla solutions safeguard data throughout its entire lifecycle at rest, in motion, in use across cloud, on-premise, and mobile environments with continuous protection. Protect, manage, and control access to sensitive data by using Atalla products and solutions Atalla Benefits Atalla Information Protection Solutions offer a suite of products that deliver information protection, seamless data security, and superior cryptography. 1. Atalla Cloud Encryption Atalla Cloud Encryption combines powerful data encryption with patented homomorphic split-key encryption technology to increase security and protect keys even when they are used in the cloud. It easily encrypts any disk or data storage unit with proven encryption algorithms such as AES-256 and makes it safe from hackers, unauthorized access, competitors, and other threats. 2. Atalla Information Protection and Control (IPC) Atalla Information Protection and Control (IPC) Suite solves the complex challenge of providing data classification and data security by providing organizations the means to bring protection to the data itself. Atalla IPC applies protection at a point where information is created, and makes that protection persistent, so it follows the information wherever it goes. This secures sensitive data no matter where it actually resides. 3. Atalla Hardware Security Module (HSM) Atalla HSMs are designed specifically for payment processing solutions, delivering high-performing cryptography and key management capabilities for card payment authorization and real-time fraud prevention. 4. Enterprise Secure Key Manager (ESKM) ESKM is a complete solution for generating, storing, serving, controlling, and auditing access to data encryption keys in a secure appliance. Micro Focus Education Security Training Plan Guide Page 42 of 56

43 5.12 Atalla Atalla Learning Solutions Atalla learning solutions include product-oriented courses on the Atalla HSM and ESKM products. Atalla Learning Path Enterprise Security Key Manager Enterprise Secure Key Manager (ESKM) Network Security Processor Atalla Hardware Security Module (HSM) Enterprise Secure Key Manager (ESKM) Training Enterprise Secure Key Manager (ESKM) Training is designed to introduce the ESKM product. This hands-on training includes installation of the ESKM solutions, system configuration, viewing log messages, and performing product upgrades. This course includes hands-on, interactive lab exercises. Audience Individuals working with the ESKM product Recommended Skills Basic understanding of system installations and configurations; Basic understanding of Command Line Interface (CLI) Type Prerequisites Duration ILT None One day Micro Focus Education Security Training Plan Guide Page 43 of 56

44 44 Chapter 5: Security Learning Solutions Atalla Hardware Security Module (HSM) Training This training is designed to introduce the Atalla HSM product. This hands-on training introduces you to HSM features and functionality, including hardware and software features, set up and HSM configuration. This course includes hands-on, interactive lab exercises. Audience Individuals working with the HSM product Recommended Skills Understanding system installations and configurations; Understanding of Command Line Interface (CLI); Understanding of TCP/IP configuration Type Prerequisites Duration ILT None Two days Micro Focus Education Security Training Plan Guide Page 44 of 56

45 5.13 SecureData (formally Voltage) SecureData (formally Voltage) SecureData Introduction SecureData Products SecureData (formerly known as Voltage) is a leading expert in data encryption and tokenization data security solutions for thousands of mid-sized businesses including healthcare organizations, regional banks and insurance providers including transportation, retail, insurance, high tech, healthcare, telecom and the public sector. SecureData solutions provide continuous protection through data classification, data encryption, and key management, offering flexibility, reliability, and manageability SecureData Benefits SecureData Voltage Solutions offer data encryption and tokenization security solutions; across enterprise, cloud, mobile, and Big Data environments. 1. Secur Easy-to-use global scale encryption inside and outside enterprise 2. SecureData Enterprise Complete Protection of PII, PHI, and PCI data for enterprises handling sensitive Information 3. SecureData for Hadoop Protect sensitive data at rest, in motion, and in use in Hadoop and Big Data systems 4. SecureData Payments End-to-end cardholder data protection for merchants and processors 5. SecureData Mobile Provides end-to-end data encryption from native mobile applications to enterprisetrusted hosts 6. SecureData Web End-to-end protection for Web transactions 7. SecureData Sandbox Step-by-step data-centric security experience for architects and developers 8. SecureData Suite for Test and Dev Data-centric protection for sensitive data in test and development environments 9. SecureStorage Manage volume-level encryption for Big Data and other Linux environments 10. SecureFile Enterprise document and file encryption, inside and outside the Cloud Micro Focus Education Security Training Plan Guide Page 45 of 56

46 46 Chapter 5: Security Learning Solutions SecureData Learning Path The SecureData learning solutions include product-oriented courses on SecureData products and solutions. Introduction to SecureData SecureData Foundations Introduction to SecureData The Introduction to SecureData (elearning) course provides a high-level overview of the SecureData suite of products and describes how these solutions work to protect sensitive data. This course is designed to equip you with the information needed to maximize the impact of SecureData products by utilizing and customizing their full range of features. In doing so, you be able to reduce downtime and costs as you leverage the strength of each product feature. Audience Recommended Skills Type Prerequisites Duration This introductory course is intended for anyone interested in learning about SecureData solutions. Basic understanding of of your organization s security requirements and Basic understanding of the SecureData solution elearning None Approximately One hour Micro Focus Education Security Training Plan Guide Page 46 of 56

47 5.13 SecureData (formally Voltage) SecureData Foundations SecureData Foundations training is designed to help customers recognize the functionality of SecureData products, aimed at meeting their organization s data security requirements. This course provides demonstrations and hands-on activities using a practical, solutions-based approach. Audience This course is intended for all members of the project team, including security teams, architects, project managers, developers, and operations personnel. Recommended Skills Basic understanding of of your organization s security requirements and the Voltage SecureData solution Type Prerequisites Duration ILT None Two Days Micro Focus Education Security Training Plan Guide Page 47 of 56

48 Education empowers people.

49 6. Contact Us Want to enroll in a training class? Schedule onsite or web-based training? Or ask a training question? Contact us. We re here to help! Micro Focus Education operates in the Americas, Europe, Middle East, Africa, Asia Pacific and Japan. For questions about training in your region, please contact us using: Micro Focus Education From this webpage you can provide us with your contact details and descriptions concerning your inquiry. One of our regional training coordinators will be in touch to assist you. For general feedback please educationfeedback@microfocus.com Micro Focus forums and blogs Join the conversation with experts and colleagues to get advice, discuss issues, and find solutions. Register an account to post on the Community Knowledge Base. Micro Focus Education Terms and Conditions Micro Focus Education Security Training Plan Guide Page 49 of 56

50 This page intentionally left blank.

51 7. The Other Training Plan Guides Want to learn about courses from Application Delivery Management, Cloud & Automation, Application Performance Management, IT Service Manager, Enterprise Security Products, or Vertica? Visit the Training Plan Guide portal to see the other Training Plan Guides. Application Delivery Management Application Delivery Management (ADM) solutions help you release applications faster through improved collaboration, traceability, and productivity. This Training Plan Guide provides an overview all offerings within the ADM portfolio including ALM, ALM Octane, Unified Functional Testing, LeanFT, Performance Center, LoadRunner, StormRunner Load and Mobile Center. Cloud and Automation The adoption of mobility and cloud computing is accelerating the application life cycle and increasing pressure to take a user-centric approach to design and delivery. This Training Plan Guide overviews all offerings within the Cloud and Automation portfolio. Micro Focus Education Security Training Plan Guide Page 51 of 56

52 52 Chapter 7: The Other Training Plan Guides Application Performance Management Application Performance Management (APM) is an application monitoring and management solutions that provide a 360 view to ensure the performance of desktop, web, and mobile apps in your on-premise, cloud, or hybrid environments. Operations Bridge Operations Bridge provides the ability to sense, analyze and adapt to manage IT services that support digital business. With advanced event correlation, log intelligence, predictive analytics and automation you can remediate issues across all your technologies to prioritize business targets. Network Operations Management Network Operations Management (NOM) suite provides a fully comprehensive and automated solution that fine tunes fault management and increases availability, unifies fault and performance management, automates change and configuration management to enable compliance, and automates IT processes. Dev Ops Micro Focus provides the consultancy and expertise needed to realize business value from Micro Focus Software. Micro Focus Education provides training on Micro Focus DevOps Solutions and third party software to drive adoption and maximize your business value. The Education available includes: DevOps training, Agile Training and IT4IT training. IT Service Management Micro Focus IT Service Management software and solutions allow you to access comprehensive IT and business services that propel your enterprise to growth and innovation. This Training Plan Guide overviews all offerings within the IT Service Management portfolio. Information Management & Governance Micro Focus Information Governance solutions efficiently protect a new generation of Big Data, which is spread across a range of locations, applications, and formats. Our solutions deliver comprehensive, easy-to-use data protection that maximizes storage efficiency and performance. Check out the Training Plan Guide to learn more. Vertica Vertica allows you to manage and analyze massive volumes of structured and semistructured data quickly and reliably. This guide outlines our ever-growing portfolio of courses on managing your Vertica environment and performing in-depth analysis of your data. Micro Focus Education Security Training Plan Guide Page 52 of 56

53 Security Products From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. Micro Focus Security Products is our answer to these threats and attacks. This Training Plan Guide overviews all offerings within the Security portfolio. 53 Security Awareness By now, security education should be a top priority for any organization with information to protect, which is EVERY organization. Technology is a credible line of defense, but it cannot be the only one. Your employees need to know how they can help protect your company s sensitive data and be motivated by why they should care about protecting it. By simply educating your employees on security best practices, you can prevent 40% of data breaches caused at organizations by careless or unwitting insiders. This Training Plan Guide lists all the Security Awareness learning solutions. Micro Focus Education Security Training Plan Guide Page 53 of 56

54 Index Accreditation, 11 ArcSight Creating Advanced ESM Content for Security Use Cases, 27 ArcMC, 32 Benefits, 20 Building Security Use Cases with ESM, 26 Certification Path, 21 ESM 6.5 Administrator and Analyst ASP, 23 ESM Advanced Administrator ASE, 25 ESM Advanced Analyst CSE, 24 FlexConnector Configuration, 31 Learning Solutions, 20 Logger Administration and Operations CSE, 28 Logger Search and Reporting, 29 Security Solutions ASTP, 22 SmartConnector Foundations and Tool Kits, 30 UBA, 33 Atalla, 42 Benefits, 42 Enterprise Secure Key Manager (ESKM) Training, 43 Hardware Security Module (HSM) Training, 44 Introduction, 42 Learning Solutions, 43 Best Defense Is a Good Offense, 10 Certifications, 11 Contact Us, 49 Education, 13 Control, 13 Getting Ahead of the Game, 14 Protecting your Investment, 14 Return on Investment, 14 Time to Market, 14 Enterprise Security Products Approach, 9 Fortify, 34 Benefits, 34 Certification Path, 35 Fortify Audit Assistant, 41 Fortify Foundations, 40 Introduction, 34 Learning Solutions, 35 Security Solutions ASP, 36 Micro Focus Education Security Training Plan Guide Page 54 of 56