Configure IPS, Linux iptables, Check Point firewalls and the LEA protocol, and create related SIEM rules.
Advantage: people who are familiar with the Windows event log and know how to write parsers for security incidents.
Advantage: knowing how to collect data from Check Point FW-1 via the LEA protocol.
Advantage: expertise and experience in writing parsers and rules.
I'm an IBM Q1 Radar expert with 3 years of experience working with various SIEM systems.
I'm also an IBM IPS expert with 5 years of experience working with various IPS systems such as McAfee, Juniper and IBM.
Deep knowledge of event collection and event parsing for SIEM systems from Windows and Linux systems.
Deep knowledge of Check Point firewalls, with 10 years of design, configuration and deployment.
Great knowledge of the OPSEC protocol using ELA and LEA for data extraction for the Check Point event log.