- Course
Incident Detection and Investigation with QRadar Apps
This course will teach you about the main QRadar apps and how you can improve your incident investigation with them. You learn not only the technical aspect of each app, but also the investigation step-by-step of the main incident types using apps.
Intermediate
- Course
Incident Detection and Investigation with QRadar Apps
This course will teach you about the main QRadar apps and how you can improve your incident investigation with them. You learn not only the technical aspect of each app, but also the investigation step-by-step of the main incident types using apps.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
One of the major features introduced in QRadar is the ability to install apps, which expands the SIEM features and helps on incident investigation. In this course, Incident Detection and Investigation with QRadar Apps, you will learn about the most interesting QRadar apps for a SOC analyst. First, you will learn how to create interactive dashboards with the Pulse app. Next, you will discover about the use of artificial intelligence for incident investigation using the QRadar Advisor with Watson app. Finally, you will explore how to detect internal threats using the User Behaviour Analytics (UBA) app. You also will explore other interesting apps that will help you to monitor QRadar system health. The course is filled with demos showing the QRadar apps being used in several incident investigations, such as malware outbreaks, rouge employees, internal threats, and compromised accounts. When you're finished with this course, you will have the skills and knowledge of the main QRadar apps needed to improve your incident investigation game.
Incident Detection and Investigation with QRadar Apps
Intermediate
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.