Where are the SIEM training options?

Question

I want the option for multiple days of instructor led training with labs and exams. This should cover topics like writing custom parsers, configuring custom ingestion, general administration, dashboards, search, etc.

Instead, we have this video that spends less than 15 minutes discussing detection rules - https://www.skills.google/paths/187. The documentation alone isn’t enough for someone like me to magically understand how everything works. I’ve also highlighted documentation issues with our sales team + support over the past year where information was missing or just wrong, which is even less of an incentive to use the documentation for anything beyond basic reference.

I’m hearing the same complaints from the company we partnered with to help migrate to SecOps. They’re hearing the same complaints from other SecOps customers they support. I’m under the impression there’s a certification option for SecOps now. Who is the audience for this cert and how do they even prepare for it?

kentphelps · Answer

Here is the link for the Professional Security Operations Engineer exam details which includes links to training and the exam topic outline so that may be of some help. There is a learning path on Cloud Skills Boost for the exam. The training and exam also cover Google Threat Intel and Security Command Center but the majority of the material is SecOps SIEM & SOAR.

There is also a lot of material on the Community including some on demand Webinars that deep dive into some of the topics you mention above. I highly recommend @jstoner ‘s New to Google SecOps Blog series and also @cmmartin_google ‘s @thatsiemguy on Medium.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded