course overview
download outline
Overview
In this course you learn how to integrate QRadar EDR and SIEM by creating an API application in QRadar EDR and by adding a new log source in QRadar SIEM to add endpoint detection and alerts to QRadar SIEM. Integrating QRadar EDR and SIEM amplifies the power of QRadar XDR (extended detection and response) by leveraging AI and automation opportunities. Having advanced and automated response capabilities enables analysts to focus on the fight in front of them.
This course applies to version 3.12 of the on-premises IBM Security QRadar EDR offering.
'Audience
This course is tailored to IT security analysts in a Security Operations Center (SOC) environment who are tasked with endpoint protection and threat hunting, as well as QRadar EDR administrators, incident responders, and managed service security providers (MSSP).
Skills Gained
In this course you learn to do these activities:
Outline
Unit 1: Integrating with QRadar SIEM
Unit 2: QRadar EDR - integrating with QRadar SIEM - Lab
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.
Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.
All $ prices are in USD unless it’s a NZ or AU date
SPVC = Self Paced Virtual Class
LVC = Live Virtual Class
Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.
