This course is designed to help you deploy a proper vulnerability management program using the IBM QRadar Vulnerability Management (QVM), a solution that allows you to scan your company for vulnerabilities directly from the QRadar console.
One of the main advantages of using QRadar is its variety of features in one single solution. In this course, Vulnerability Management with QRadar, you'll learn how to use the tool to detect vulnerabilities in your environment and correlate them with other information in your SIEM, such as events and flows. First, you'll learn how to identify the scope of a scan and how to work with the stakeholders to properly schedule a scan. Next, you'll be shown how to configure the scans on the tool and how to run them. Then, you'll explore the process of creating a vulnerability remediation plan, in which you'll prioritize the vulnerabilities according to your company needs. Finally, you'll discover how to investigate critical vulnerabilities and how to identify signs of exploitation. When you are finished with this course, you'll have the skills and knowledge of QVM needed to implement and run a vulnerability management program in your IBM QRadar environment.
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Course Overview Hi everyone, my name is Ricardo, and welcome to my course, Vulnerability Management with QRadar. I'm a cybersecurity consultant with years of experience in QRadar, and I'll be showing you everything you need to know to implement a vulnerability management program using QRadar. The interesting part of this course is that we cover not only the technical parts of QRadar, but also the processes and strategies to implement a good vulnerability management program. For example, you not only learn how to properly configure scanning in QRadar, but also, you'll learn how to identify which service should be scanned and how to create a proper vulnerability remediation plan. And in my opinion, that's exactly what differentiates a guy that just knows the tool from a real QRadar specialist. By the end of this course, you'll be able to understand the vulnerability management process, identify the scan scope, configure the scans in QRadar, run the scans and generate the reports, create a vulnerability remediation plan, and investigate a critical zero-day vulnerability. Keep in mind that this course is an intermediate course, so it is expected that you have some basic knowledge on QRadar. If it is your first time with this tool, I do recommend you checking my previous course called Incident Detection and Investigation with IBM QRadar, which you can find here at Pluralsight. It is also expected that you have some basic understanding of the main vulnerabilities. Also, as we have a lot of demos in this course, I do recommend you having QRadar environment in which you can test the concepts with your own hands, so then you can get the most out of this course. So, I hope you join me in this journey to learn about vulnerability management with QRadar here at Pluralsight.