Course info
Level: Beginner
Updated: Sep 26, 2019
Duration: 3h 35m
Description

IBM Security QRadar is a leader in SIEM solutions according to the 2016 Gartner Magic Quadrant. In this course, Incident Detection and Investigation with QRadar, you will explore QRadar’s main features from an SOC analyst perspective. First, you will explore what SIEM is and how QRadar provides more functions than a regular SIEM. Next, you will walk through all relevant functionality provided by the tool and some extra functions, such as Risk Manager and Vulnerability Manager. Finally, with the SIEM basics covered, you will dive into incident investigation using QRadar, where you will learn about events, flows, and offenses. When you’ve completed this course, you’ll understand how to investigate the most common cyber threats using QRadar. This course covers the objectives of the "IBM QRadar SIEM V7.3.2 Fundamental Analysis" exam (Exam C1000-018) which is required to achieve the "IBM Certified Associate Analyst - IBM QRadar SIEM V7.3.2" certification.

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Section Introduction Transcripts

Course Overview
[Autogenerated] Hi, my name is Ricardo, and welcome to Incident Detection and Investigation with QRadar. I'm a cybersecurity consultant with years of experience in IBM QRadar and threat investigation, and I'll be showing you pretty much everything you need to know for your role as a SOC analyst in a QRadar environment. In my opinion, the interesting thing about this course is that we cover not only the technology itself, but also the security knowledge that a SOC analyst should have in any investigation. For example, in the case of a ransomware outbreak, would you know which logs you should look at to identify the origin of the infection? Or would you know which devices could provide you with information for the investigation? That's the difference between knowing only the QRadar tool and knowing the tool plus the investigation knowledge. We start this course by giving an overview of QRadar and discussing the basic concepts related to it, such as data collection and the QRadar architecture. Then we cover the investigation process and how to investigate incidents in QRadar, and then we close the course by discussing reports and dashboards. This course contains a lot of demos, so you should be able to see each concept being applied in real-life scenarios. By the end of this course, you'll be able to understand the investigation process, understand the QRadar architecture and inner workings, perform event and flow searches, investigate offenses, customize reports and, as mentioned before, you'll be able to understand the main security threats and how they can be investigated. Also, if you're planning to take the IBM QRadar Fundamental Analysis certification, you're in the right place: the content of this course is based on the certification requirements. So I hope you join me in this journey to learn about Incident Detection and Investigation with QRadar, here at Pluralsight.