Please read carefully
Using the listed tools, continue updating the remaining tools based on the examples provided in the first three bullets.
If you are not sure what a tool is used for, please do a Google search and use the features found in each tool to write your description. Each tool MUST have at least 4 to 5 sentences in its description.
Choose any of the listed departments for each tool:
Department of Education
Department of Commerce
Department of Agriculture
Department of Treasury
Splunk (5 years): Installed and configured the tool at the Department of Education. I used Splunk to perform log analysis to identify compromised servers in support of the incident response team. Created dashboards and alerts for identification of Anti-Virus alerts for all workstations connected to the department's network. Attended Splunk for Architects training and Splunk for Administrators training, both in 2017. Provided Splunk overview training to junior analysts.
SourceFire (3 years): Tuned and modified rules at the Department of Education. I used SourceFire for identifying IOCs and threat vectors in support of remediation during investigation of an incident. I also used SourceFire for detecting and blocking malicious IOCs provided during threat intel research. Created dashboards, alerts and reports based on the information requested by management.
ArcSight ESM (3 years): Monitoring and analysis at the Department of Education. Performed content creation and built dashboards for visibility of real-time incidents occurring within the Department's network. I also used ArcSight for log correlation across multiple device categories. Additionally, I customized alerts based on suspicious events shown within the active channel list.
FireEye EX (3 years):
RSA Analytics (4 years):
BlueCoat ASA (3 years):
Fidelis XPS (2 years):
Microsoft EOP (5 years):
RSA Security Analytics (5 years):
RSA Archer (6 years):
Wireshark (3 years):
TCPDump (4 years):
Snort (2 years):
McAfee ePolicy Orchestrator (4 years):
Imperva SecureSphere (WAF) (3 years):
Network Access Control CounterACT (NAC) (4 years):
McAfee Web Gateway (5 years):
Active Trust (4 years):
Red Seal, Console (MAM):
Tenable Security Centre:
Symantec Endpoint Protection:
Windows Server 2012:
The tools listed above are security analyst tools.
EVERYONE PLEASE BE AWARE THIS IS NOT A RESEARCH PAPER. Read the details before taking on this task.