Monitor and Detect with IBM Security QRadar

Focused View

Ricardo Reimao

2:10:08

129 View

Exercise Files

ibm-security-qradar-monitor-detect.zip

Module 1 - Course Overview

1. Course Overview.mp4

01:19

Module 2 - The Offense Triage Process

1. Understanding the SOC Analyst Role.mp4

03:20

2. The Offense Triage Process.mp4

06:34

3. Offense Handling in QRadar.mp4

04:26

Module 3 - Triaging Offenses in QRadar

1. Understanding Offense Triage in QRadar.mp4

02:48

2. Credential Brute Forcing Attacks.mp4

09:30

3. Port Scanning Detection.mp4

05:52

4. Malware Activity.mp4

08:50

5. Other Attacks.mp4

05:22

Module 4 - Threat Detection and Rule Management

1. Detection Continuous Improvement.mp4

03:15

2. Understanding Rules and Building Blocks.mp4

02:36

3. Tuning an Existing Rule.mp4

05:51

4. Creating a Detection Rule.mp4

08:21

5. Creating a Malicious Traffic Detection Rule.mp4

09:52

6. The Use Case Manager App.mp4

09:15

7. Finding Potential Tuning Opportunities.mp4

04:52

Module 5 - Vulnerability Management

1. Understanding Vulnerability Management.mp4

04:15

2. Managing Vulnerabilities with QRadar.mp4

06:46

Module 6 - Detecting Internal Threats with UBA

1. Understanding User Behavior Analysis.mp4

09:27

2. Investigating a Suspicious Employee.mp4

05:59

3. Creating Watchlists.mp4

04:16

4. Customizing Rules.mp4

03:47

5. Course Closure.mp4

03:35

Description

Detecting threats and analyzing offenses are the main tasks of a SOC Analyst. This course will teach you how to triage offenses and detect threats using the IBM Security QRadar SIEM.

What You'll Learn?

The IBM Security QRadar is a complete SIEM solution that helps you to detect threats and analyze offenses. In this course, Monitor and Detect with IBM Security QRadar, you’ll learn how to triage offenses and detect threats using the QRadar SIEM solution. First, you’ll explore the overall offense triage process and the QRadar offense handling best practices. Next, you’ll discover through our demos how to triage the main cyber security threats and implement detection rules. Finally, you’ll learn how to use additional QRadar apps, such as the User Behaviour Analytics, to detect internal threats. When you’re finished with this course, you’ll have the skills and knowledge of QRadar needed to deliver the day-to-day tasks of a SOC analyst.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Security

Computer Network

Network Engineering

Network Monitoring

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.