RSA Archer - Question for GRC ninjas

UnixGuy

Simple questions, is RSA Archer a tool worth my time investment? is it in demand? I don't have a good background in GRC, but would learning and using Archer on the job help get my foot in the door for GRC work?

Share your experience

Ertaz

UnixGuy wrote: »

Simple questions, is RSA Archer a tool worth my time investment? is it in demand? I don't have a good background in GRC, but would learning and using Archer on the job help get my foot in the door for GRC work?

Share your experience

I use it in my day to day. I do nothing advanced with it myself, ( I did some SQL scripting for a data feed from Orion). I added a reference to it in the skills section of my resume. 1 in 3 calls I get are about it now. I have to tell them no thank you, because I'm not a guru yet.

DatabaseHead

We are moving away from it and building an in-house solution. We use it for predominately risk management. The database is a blackbox, and you can barely get anything out of there. You have to export using XML reports, not very efficient. They lock their Stored Procedures down, that's their secret sauce and good luck getting a database schema, the principal all but laughed in my face when I asked for one....

I have set up several ETL feeds into Archer using their XML and Database transporters. My honest opinion, if you have a talented development team you could build a custom app to meet / scale to your business.

Overall not impressed......

Side note I am a master data analyst, so I am not using the front end to often, dealing with automating into data mart and warehouses. So my experience is pretty much from ETL.

Ertaz

DatabaseHead wrote: »

We are moving away from it and building an in-house solution. We use it for predominately risk management. The database is a blackbox, and you can barely get anything out of there. You have to export using XML reports, not very efficient. They lock their Stored Procedures down, that's their secret sauce and good luck getting a database schema, the principal all but laughed in my face when I asked for one....

I have set up several ETL feeds into Archer using their XML and Database transporters. My honest opinion, if you have a talented development team you could build a custom app to meet / scale to your business.

Overall not impressed......

Side note I am a master data analyst, so I am not using the front end to often, dealing with automating into data mart and warehouses. So my experience is pretty much from ETL.

I've always heard that it shines on the analytics side/dashboard side. I suppose it's just another canned framework for data collection. What do you guys use to correlate your vulnerability data?

DatabaseHead

Ertaz wrote: »

I've always heard that it shines on the analytics side/dashboard side. I suppose it's just another canned framework for data collection. What do you guys use to correlate your vulnerability data?

SSAS

I found the analytics to be pretty weak, a lot of guessing and assumptions through the use of weighted averages. We use SSAS BI Edition, mainly using decision tree and cross correlation through the data mining tools. Visualization Power BI and SSRS for tabular reporting. We do have a BO report server spun up as well for reporting, but for statistics we use Cubes and Tabular in-memory tables for our data warehouse layer and BO, Power BI and SSRS for our presentation layer. I'd like to get access to SAS or Tableau, I don't have enough R development knowledge to frame and build charts etc...

Side note for the youth looking for opportunities and direction. Learn stats and R.

We are a small shop occupying in a very large one so we don't have the resources to afford a data scientist or some other BI professional and to be honest they would probably get bored after a few months. I'm picking up some skills as I go....

Ertaz

DatabaseHead wrote: »

SSAS

I found the analytics to be pretty weak, a lot of guessing and assumptions through the use of weighted averages. We use SSAS BI Edition, mainly using decision tree and cross correlation through the data mining tools. Visualization Power BI and SSRS for tabular reporting. We do have a BO report server spun up as well for reporting, but for statistics we use Cubes and Tabular in-memory tables for our data warehouse layer and BO, Power BI and SSRS for our presentation layer. As far as analysis goes we use the Excel data-mining plugin. I'd like to get access to SAS or Tableau, I don't have enough R development knowledge to frame and build charts etc...

We are a small shop occupying in a very large one so we don't have the resources to utilize a data scientist or some other BI professional, although we are training ourselves in that path.

Thanks for the info. It makes me think that an MCSE:BI cert would be a good investment .

DatabaseHead

Taking a break right now from 70-461

It's hiliarous how much you actually miss when you get tossed into the work force and start learning a technology. I can build cubes and tabular in memory data models, but I don't know how to grant permissions for an end user for a particular database schema.

One other thing I started to pick up is DAX, very powerful especially with the 2016 BI stack.

I have a feeling, once I get into the integration and data warehousing I'll really start to take off. I literally missed DBA 101 lol.

Ertaz

DatabaseHead wrote: »

Taking a break right now from 70-461

It's hiliarous how much you actually miss when you get tossed into the work force and start learning a technology. I can build cubes and tabular in memory data models, but I don't know how to grant permissions for an end user for a particular database schema.

One other thing I started to pick up is DAX, very powerful especially with the 2016 BI stack.

I have a feeling, once I get into the integration and data warehousing I'll really start to take off. I literally missed DBA 101 lol.

What are your study resources? I was using the free training from MS. I have been using the DAX within excel 2016 with power pivot and slicers. I feel like I'm teaching myself piano...

DatabaseHead

I'm a data guy true and through, not really an IT guy, but of course I have to use the tools so I might as well get certified.

Right now I am using CBT Nuggets and the training kit. After 461 I am going to 463, I want to get my momentum up before I take on the administration exam. That to me just bores me to tears...... Our senior .net Dev takes care of all of that.....

I love the use of DAX, especially for distinct counts. You can build a fact table, basically just creating a view and instead of creating nasty Derived tables or CTE's you can use DAX to control the row level data in your fact table. It can be pretty easy, much much easier than building multi dimensional cubes.

UnixGuy

Wait I'm confused...so some of the answers are on the Data side of the product.

what about if you just of GRC work? I assume you will be a user rather than a developer? I'm more interested in compliance and governance consulting side of things

TheFORCE

UnixGuy wrote: »

Wait I'm confused...so some of the answers are on the Data side of the product.

what about if you just of GRC work? I assume you will be a user rather than a developer? I'm more interested in compliance and governance consulting side of things

Yes it will give you some advantage and you will get calls for it, if you have it on your resume. We don't use it, we use a different program but i heard everyone raving about archer. I thinking knowing GRC though would help you more than just having archer. CGEIT would be a good study to look at, just to get an idea.

Remedymp

I work on Archer as I do work for the company that produces it. But, I only use it for InfoSec work. It is worth learning if that is the tool of choice.

Ertaz

Remedymp wrote: »

I work on Archer as I do work for the company that produces it. But, I only use it for InfoSec work. It is worth learning if that is the tool of choice.

Tell me your unofficial thoughts on the Threat module.

the_Grinch

Have to say, I have never heard of this software, but boy are there jobs in my area for it!

UnixGuy

So this software is hot at the moment. I see tons of jobs for GRC and they pay damn well, just not sure how to get my foot in the door. I'll be learning Archer at work (not in depth but still something). Auditing jobs seems very promising these days.

jcundiff

@UnixGuy I am an Archer Certified admin, if you are wanting short term gigs (6 weeks to 6 months) then definitely learn it and get the RSA cert. I get at least 2 contract offers a month. Archer is a niche, but its a fairly lucrative niche. It is definitely going to be a huge plus if consulting. When I was going through the advanced admin course a couple of years ago, there were a couple of BC/DR folks from one of the huge consulting companies ( not the big 3 but think 4,5,or 6) going through the basic/advanced course to learn Archer because they could not find Archer trained resources to support their needs (client's needs).

@Ertaz, lets talk offline... I transitioned out of our GRC team into our Threat Intel team about 1.5 years ago ( was the team at that point :O ) and have been building our processes out in Archer as ODAs.

UnixGuy

@jcundiff: thanks for the great answer! I didn't know there were Archer certifications...so I looked at the administrator cert and it seems pretty straightforward-ish...do you reckon if I play with Archer little bit in the test environment I can give it a go?

jcundiff

PM inbound and yes there is an Archer certified Admin RSA cert

UnixGuy

you are a legend @jcundiff thanks for the reply.

I'm trying to gain more experience with this software, and hoping to gain more insights into the world of GRC as well.

Ertaz

You guys sure are up late. @jcundiff I will shoot you a PM in the AM. I'd be very interested to see how you're doing threat mgmt.

jcundiff

Ertaz wrote: »

You guys sure are up late. @jcundiff I will shoot you a PM in the AM. I'd be very interested to see how you're doing threat mgmt.

got to get study time in where you can then took a break and scanned the boards