https://www.udemy.com/course/what-is-msiexec-and-how-to-detect-it

SIEM SEC Series

What you'll learn: 

Understand how Detect MsiExec Web Install

Learn what MsiExec is and why its important

Understand how to fine tune SIEM queries to create effective alert

Complete quiz questions to test your knowledge on how to best implement MsiExec Web Install alerts

Requirements:

Basic SIEM knowledge

Basic computing knowledge of Windows, MAC, and Linux

Description:

In this course, you will learn about MSI files and more specifically Msiexec, and how you can start to detect them within your SIEM solution. I have provided learners with a base search query to start you off with at the end of this course in some of the most popular SIEM solutions. From these base searches, I will provide you with some direction and tips on how to further refine those searches to create effective monitoring dashboards or even high fidelity alerts in your SIEM.

The overall intent of these SIEM SEC Series courses is to deliver you tangible knowledge that you can quickly apply to your environment as soon as you finish the course. I aim to keep these courses short and concise, with the mindset that you can complete one or two of these within your lunch break at work. Ideally, the knowledge learned will help you prevent thousands of dollars in breach damage.

I hope you enjoy the course and feedback is always welcome. I am willing to sculpt further courses to meet the needs of my learners. At the end of the day, I want these to be highly beneficial, with an instant return on investment.

Who this course is for:Beginner to intermediate Security or IT personal

Who this course is for:

Beginner to intermediate Security or IT personal