Module Overview: Module 1 establishes the foundational knowledge required for all security professionals, providing essential context for understanding why security monitoring and threat detection are critical. This module bridges the gap between general IT knowledge and security-specific practices by introducing core cybersecurity concepts that form the basis for Argus implementation.
What You'll Learn:
• The definition, scope, and importance of cybersecurity in protecting organizational assets
• Key security concepts including confidentiality, integrity, and availability (CIA triad)
• Common threat types, attack vectors, and risk management approaches
• How security monitoring fits into an organization's overall security strategy
• Regulatory frameworks and compliance obligations that drive security requirements
Learning Outcomes:
• Understand the cybersecurity landscape and threat environment
• Recognize the importance of continuous monitoring in modern security
• Identify compliance requirements relevant to your organization
Module Overview: Module 2 introduces learners to Argus as a comprehensive security platform, covering its core capabilities and deployment methodologies. This module is critical because it shifts focus from theory to practical implementation, teaching how to deploy and connect Argus agents across different operating systems and environments.
What You'll Learn:
• Argus platform architecture: manager, agent, and dashboard components
• Key features including threat detection, compliance monitoring, and incident response
• Agent deployment procedures for Windows, Linux, and macOS systems
• Configuration management and agent connectivity
Learning Outcomes:
• Deploy Argus agents successfully on multiple operating systems
• Understand the communication flow between agents and the Argus manager
• Configure agents for optimal data collection
• Troubleshoot common deployment issues
• Design an agent deployment strategy for an organization
Target Audience: System administrators, IT operations professionals, security practitioners looking to implement Argus
Module Overview: Module 3 dives deep into Argus's most powerful security detection capabilities, focusing on File Integrity Monitoring (FIM) and Security Configuration Assessment (SCA). These capabilities represent the core strength of Argus in identifying unauthorized changes and configuration weaknesses that could expose systems to attack.
What You'll Learn:
• File Integrity Monitoring (FIM):
o How FIM establishes baselines and detects unauthorized file changes
o Configuration of critical directories and files for monitoring
o Real-time alerting on suspicious file modifications
• Security Configuration Assessment (SCA):
o Automated scanning against security benchmarks and standards
o Configuration assessment profiles and policies
o Identifying compliance gaps and misconfigurations
• Vulnerability Detection:
o How Argus identifies vulnerable software and packages
o Integration with vulnerability databases
o Prioritizing vulnerability remediation
Learning Outcomes:
• Configure FIM to monitor critical system files and directories
• Interpret FIM alerts and investigate unauthorized changes
• Run SCA scans and analyze configuration assessment results
• Generate compliance reports from assessment data
• Develop a vulnerability management strategy using Argus
Module Overview: Module 4 focuses on the Argus dashboard, the primary interface for security monitoring and incident investigation. This module teaches practitioners how to use dashboards and reporting features effectively to gain actionable security intelligence and communicate security posture to stakeholders.
What You'll Learn:
• Dashboard interface navigation and customization
• Key widgets and visualizations for security monitoring
• Real-time alerts and event investigation
• Creating and interpreting security reports
• Exporting data for executive stakeholder communication
• Drill-down analysis and root cause investigation
• Using search and filter capabilities for incident response
Learning Outcomes:
• Navigate the Argus dashboard with proficiency
• Generate compliance and security reports
• Conduct investigations using dashboard search and filters
• Present security findings to technical and non-technical audiences
• Use dashboards for proactive threat hunting
Module Overview: Module 5 is the capstone module that brings together all previous knowledge to teach threat detection methodologies using Argus.
What You'll Learn:
• Argus rule language and syntax
• Rule severity levels and alert prioritization
• Detection logic for common attack patterns
• Brute Force Attack Detection:
o Identifying repeated failed authentication attempts
o Threshold-based alerting for suspicious login activity
o Correlating brute force attempts across systems
• Threat Hunting Techniques:
o Proactive searching for indicators of compromise
o Analyzing behavioral anomalies
o Correlating events across multiple data sources
o Building investigation timelines
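The brute force detection topics above (repeated failed authentication attempts, threshold-based alerting, and correlation across systems) can be illustrated with a small sliding-window detector. This is an added example written for this overview, not Argus's own rule language or code; the syslog-style sshd lines are constructed sample data, and the threshold and window values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample syslog-style sshd lines from two hosts; not real log data.
SAMPLE_LOGS = """\
2024-05-01T10:00:01 web01 sshd[101]: Failed password for invalid user admin from 203.0.113.7 port 5001 ssh2
2024-05-01T10:00:09 web01 sshd[102]: Failed password for root from 203.0.113.7 port 5002 ssh2
2024-05-01T10:00:20 db01 sshd[201]: Failed password for root from 203.0.113.7 port 5003 ssh2
2024-05-01T10:00:31 db01 sshd[202]: Failed password for invalid user oracle from 203.0.113.7 port 5004 ssh2
2024-05-01T10:00:45 web01 sshd[103]: Failed password for root from 203.0.113.7 port 5005 ssh2
2024-05-01T10:01:02 web01 sshd[104]: Accepted password for deploy from 198.51.100.4 port 6001 ssh2
2024-05-01T10:03:00 web01 sshd[105]: Failed password for root from 198.51.100.9 port 6002 ssh2
2024-05-01T10:09:00 web01 sshd[106]: Failed password for root from 198.51.100.9 port 6003 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def parse_line(line):
    """Parse one sshd auth line into a dict, or return None if it is not an auth event."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev

def detect_brute_force(lines, threshold=5, window=timedelta(minutes=2)):
    """Sliding-window threshold rule: alert once per source IP when it produces `threshold`
    or more failed logins within `window`, counted across all hosts so spraying is caught."""
    recent = defaultdict(deque)      # src -> deque of (timestamp, host) for recent failures
    alerted, alerts = set(), []
    for ev in filter(None, map(parse_line, lines)):
        if ev["result"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append((ev["ts"], ev["host"]))
        while q and ev["ts"] - q[0][0] > window:   # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold and ev["src"] not in alerted:
            alerted.add(ev["src"])   # one alert per source, not one per additional failure
            alerts.append({
                "src": ev["src"], "failures": len(q),
                "hosts": sorted({h for _, h in q}),
                "first": q[0][0].isoformat(), "last": ev["ts"].isoformat(),
            })
    return alerts
```

Running `detect_brute_force(SAMPLE_LOGS.splitlines())` flags 203.0.113.7 (five failures across web01 and db01 in under a minute) while the two widely spaced failures from 198.51.100.9 stay below the threshold.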
Learning Outcomes:
• Create custom detection rules for organization-specific threats
• Understand the mechanics of common cyberattacks
• Detect and investigate brute force attacks
• Conduct proactive threat hunting investigations