course overview
download outline
Overview
QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.
This 2-day instructor-led course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.
The lab environment for this course uses the IBM QRadar SIEM 7.5 platform.
'Audience
This course is designed for security administrators and security analysts.
Skills Gained
Prerequisites
Students should be knowledgeable about the following topics:
Outline
Unit 1: Custom log sources
Unit 2: Reference data collections and custom rules
Unit 3: IBM X-Force Threat Intelligence in QRadar
Unit 4: User Behavior Analytics and Advisor with Watson
Unit 5: Tuning
Unit 6: Custom action scripts
Unit 7: IBM SOAR integration
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.
Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.
All $ prices are in USD unless it’s a NZ or AU date
SPVC = Self Paced Virtual Class
LVC = Live Virtual Class
Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.