IBM QRadar SIEM Advanced Topics
Code:
BQ204G
Duration:
2 Day
|
$1860
USD
|
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.
This 2-day course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.
The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.
This course is available in the following formats:
Duration: 2 Day
Duration: 2 Day
Delivery Format: Virtual Classroom
|
$ 1860 |
|
Delivery Format: Virtual Classroom
|
$ 1860 |
|
Delivery Format: Virtual Classroom
|
$ 1860 |
|
Delivery Format: Virtual Classroom
|
$ 1860 |
- Learn how to create custom log sources
- Discover how to work with reference data collections and custom rules
- Use X-Force data and Threat Intelligence app
- Use the Use Case Manager app
- Learn how to use UBA and QRadar Advisor
- Discover Tuning
- Explore Custom action scripts
- Discuss Integration with IBM SOAR
Module 1
- Custom log sources
Module 2
- Reference data collections and custom rules
Module 3
- IBM X-Force Threat Intelligence in QRadar
Module 4
- User Behavior Analytics and Advisor with Watson
Module 5
- Tuning
Module 6
- Custom action scripts
Module 7
- IBM SOAR integration
Module 1
- Custom log sources
Module 2
- Reference data collections and custom rules
Module 3
- IBM X-Force Threat Intelligence in QRadar
Module 4
- User Behavior Analytics and Advisor with Watson
Module 5
- Tuning
Module 6
- Custom action scripts
Module 7
- IBM SOAR integration
Students should be knowledgeable about the following topics:
- IT infrastructure
- IT security fundamentals
- Linux
- Windows
- TCP/IP networking
- Syslog
- Foundational skills for the IBM QRadar Security Intelligence Platform (at least the skills that are taught in the IBM QRadar SIEM Foundations - BQ104 course)