Introduction to Cloud SIEM
Get started with Datadog Cloud SIEM. Learn how Cloud SIEM detects threats, supports investigation workflows, and helps teams maintain strong security operations. Investigate threats in a real cloud environment.
Learning Objectives
Upon completing this course, you will be able to:
- Describe how Cloud SIEM transforms logs into actionable security signals through detection rules
- Identify the log sources that power Cloud SIEM, including cloud audit logs, identity systems, and network flow logs
- Explain how OCSF normalizes data across different sources for consistent detection
- Use investigation tools including dashboards, Risk Insights, Cloud SIEM Investigator, and Bits AI
- Apply operational best practices for measuring and improving security operations effectiveness
Primary Audience
- DevOps and security engineers interested in securing their cloud environments with a SIEM (Security and Incident and Event Management) tool.
- Cloud practitioners interested in threat detection in a public cloud environment.
Prerequisites
The following are prerequisites for this course:
- Required: Familiarity with Log Management in Datadog
- Recommended courses:
Technical Requirements
In order to complete the course, you will need:
- Google Chrome or Firefox
- Third-party cookies must be enabled to access labs
Course Navigation
At the bottom of each lesson, click MARK LESSON COMPLETE AND CONTINUE button so that you are marked complete for each lesson and can receive the certificate at the end of the course.
Course Enrollment Period
Please note that your enrollment in this course ends after 30 days. You can re-enroll at any time and pick up where you left off.
Course Curriculum
-
-
Introduction
-
-
-
Ingest and Enrich Logs
-
Detect Threats
-
Triage and Investigate
-
Respond and Report
-
-
-
Lab Overview
-
Lab: Introduction to Cloud SIEM
-
-
-
Summary
-
Feedback Survey
-
Introduction to Cloud SIEM
- 2 hours to complete
- 8 Lessons
- Intermediate
