Course Search Results

Found 973 courses tagged with "Video Course".

Comment rechercher des informations dans une base de données IBM i2 iBase à partir du programme ANB (IBM i2 Analyst's Notebook).

Cette vidéo présente les options de recherche avancée, avec l'utilisation de requêtes.

Durée: 27 minutes

This video shows you how to resolve some printing issues which can be experienced when printing charts from IBM i2 Analyst's Notebook.

Comment créer un modèle de base de données iBase (de la société IBM i2) au format IDT.
Les modèles de bases IDT contiennent la structure d'une base iBase (avec les structures des types d'entités et de liens, les requêtes, les spécifications d'importation et d'exportation, les Attributs...)
A partir des fichiers IDT, vous pouvez créer une nouvelle base de données depuis IBM i2 iBase Designer ou depuis IBM i2 iBase Utilisateur.


Objectives

Demonstrates how to load the Eclipse plug-in SVN client into the IBM Security Directory Integrator version 7.2 configuration editor.

Time

4 minutes

Learn how IBM Security Secret Server performs discovery from Active Directory, UNIX/Linux and VMWare ESX environments, and how to import those accounts into Secret Server. The topics covered include:

  • How does Discovery work?
        - Active Directory Discovery
        - Unix Discovery
        - VMWare ESX Discovery

  • Why use Discovery?
  • Importing secrets found during Discovery
  • Troubleshooting tips
  • Q&A
Duration: 28 minutes

Présentation de l'interface "en Ruban" du programme IBM i2 Analyst's Notebook (ANB). Cette interface a été mise en place depuis la version 9.0 d'ANB.

Cette vidéo explique comment l'utiliser, et comment la cacher pour qu'elle prenne moins de place.

Temps: 3 minutes

IBM Security zSecure suite provides real-time feeds through both the Alert and Audit products. There are, however, differences and they can cause confusion and undermine the value of the feeds and ultimately, security.

In this video, David Rossi,  Cybersecurity Architect and Z specialist, will discuss zSecure Alert’s host based monitoring at LPAR level and zSecure Audit event streaming for SIEM.

David will lay out best practices for this topic.

Duration 40 minutes



Overview
IBM Security Identity Governance and Intelligence, or simply IGI, is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers Line of Business managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

This lab provides a real business user experience. You imitate a day in the life of a Line of Business manager, who uses IGI to manage accesses for his team members.

Feel free to explore each of the applications in depth and work with the data in any way you like. This is a live and fully functional Identity Governance environment, with many sample user records, roles, and risk definitions.

The Identity Governance and Intelligence user interface is divided into two areas. The Administration Console is reserved for administrators, while the Service Center is where the applications for business users are contained. In this lab we use the Service Center only.

Objectives

  • Overview of the Service Center
  • Working on pending requests
    • Submitting a request
    • Evaluating, approving or rejecting requests as a user manager
    • Verifying the new role
  • Requesting roles for team members
    • Requesting a role for a team member
    • Evaluating and approving requests
    • Verifying the new role
  • Certification campaigns
    • Evaluating running certification campaigns
    • Redirecting evaluation to another reviewer
    • Tracking progresses
    • Generating certification campaign reports

In this Open Mic organized by Access Manager support team, the team discuss how Access Manager protects APIs using OAuth protocol. Some of the key topics include OAuth overview, OAuth terminology, OAuth roles, grant types, enabling OAuth authentication, API protection configuration, authentication code flow, Implicit flow, OAuth mapping rules. After the presentation, attendees were given an opportunity to ask the panel of experts questions.

In this video, you will see a demo of the REST client enhancements in IBM Access Manager 9.0.6.

In this video, you will see a demo of the new rate limiting feature in IBM Access Manager 9.0.6.

This course covers the base functions of IBM Access Manager, including these topics:

  • Base components
  • Junctions
  • Management
  • Activation files and licenses
  • Updates
  • Configuration snapshots
  • Support file
  • Auditing
  • Monitoring
  • High availability

In this video, you will see a demo of Access Manager integration with Cloud Identity Verify.

In this Open Mic, a panel of IBM experts discuss how to properly configure and troubleshoot the InfoMap Authentication Mechanism within the IBM Security Access Manager appliance.

This course demonstrates how to call the Access Manager SCIM REST APIs using Basic Authentication and OAuth 2 Authentication. In this course, you first download and review the reference SCIM API documentation. Then, you configure the Reverse Proxy for API access using Basic authentication and also using the OAuth access tokens. Finally, you call the API using the Curl and the Postman utilities.

The IBM QRadar Network Insights appliance can provide detailed analysis of network flows to extend the threat detection capabilities of IBM QRadar. This video demonstrates how to add an already installed QNI appliance into a QRadar deployment and how to deploy the license key.

This video series introduces the IBM QRadar advanced search capability using the Advanced Query Language, or AQL. 

Part 1 - Quick Filter and UI Searches

Part 2 - AQL Introduction

Part 3 - Where, Group, Having, Order

Part 4 - Counting

Part 5 - Ref Set, Assets and UBA

Part 6 - Health Metrics and X Force

Part 7 - More Health Metrics and API calls

Part 8 - Payload, Indexed and Regex Searches

Learn how to configure advanced session recording in Secret Server.

This video series, authored by IBM Security Support, guides you through major troubleshooting tips with the SiteProtector

Overview

The Resilient Incident Response Platform makes incident response efficient and compliant utilizing a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.


Duration: 2 minutes

Closed captions: English, French, German, Spanish and Japanese


Insider threats account for 60 percent of cyber attacks, and they are incredibly difficult to detect. In fact, most cases go unnoticed for months or years. Regardless of whether the insider is a malicious employee or a contractor whose credentials have been compromised, security teams need the ability to quickly and accurately detect, investigate and respond to these potentially damaging attacks.

QRadar User Behavior Analytics (UBA) analyzes user activity to detect malicious insiders and determine if a user’s credentials have been compromised. Security analysts can see risky users, view their anomalous activities, and drill down into the underlying log and flow data that contributed to a user’s risk score. As an integrated component of the QRadar Security Intelligence Platform, UBA leverages out of the box behavioral rules and machine learning (ML) models to adds user context to network, log, vulnerability and threat data to more quickly and accurately detect attacks.

In this course, you gain an initial insight into how QRadar UBA addresses these challenges.


In this course, you will learn how to use the appliance's home dashboard to quickly view the most important events, the different types of events the appliance can detect and how to monitor them, and the advantages of using flow data graphs to conduct network usage investigations.

In this demonstration, you learn how to set up Android Enterprise device owner mode in MaaS360. Device owner mode applies to the entire device; whereas, profile owner mode has separate work and personal profiles on one device.

In this video, you learn how to integrate and approve apps from Google Play for Work in the MaaS360 App Catalog and distribute them to Android Enterprise devices.

You can use Samsung Knox Mobile Enrollment (KME) to automate the enrollment of your corporate-owned Samsung devices into MaaS360. MaaS360 supports two KME enrollment types: Device Admin and Device Owner (DO). DO is a style of Android Enterprise Management in which MaaS360 can implement security policies and push applications to a device. In this video, you learn how to configure KME to enroll Samsung devices with Android Enterprise DO.

Matt Shaver, Matthew Shaver

This video shows how to use the FORALL function that IBM Security zSecure Admin supports. This live demonstration contains some examples of when and where using the FORALL function might prove to be a significant labor time saving function for administering bulk changes to your RACF definitions.

This video will show you how to apply a license key on Directory Suite Virtual Appliance 8.0.1. The video includes a summary of the key features for each version of Directory Suite's Limited, Standard and Enterprise editions.

In this video, you learn how to configure the Guardium archive.

As the threat landscape has evolved, the risk to your organization has increased substantially. The unfortunate fact is that cybercriminals continue to be successful in evading security systems and controls.

Watch this video to understand why global threat intelligence is more important than ever in the fight against web fraud, and how IBM uses this threat intelligence to deliver automated threat protection to financial institutions. Protecting your organization and your customers in this environment requires an intelligence-driven approach, one that can help you decipher what’s next and rapidly adjust.

This video guides you through the basic directory server configuration. This is done through the Local Management Interface (LMI) GUI.


Mobile device management is complex and each organization uses it differently to meet business requirements. What is applicable to one organization might not apply to another. Sometimes, best practices are work arounds. In this video, you learn some practices you can use to manage mobile devices on the MaaS360 platform.

This video provides the best practices for a Secret policy. 

A Secret policy is a set of security and remote password changing settings that are normally applied to a Secret on the Security and Remote Password Changing tabs.

Duration: 2 minutes

This video teaches you how to build a simple Assembly Line. Assembly Line is a Directory Integrator(DI) unit of work, that is composed of different DI components such as Connectors, Parsers, Functions, Attribute Maps, Scripts, and Control/Flow components.


The MITRE ATT&CK Framework is a globally-accessible knowledge base of advisory tactics and techniques based on real-world observations.

The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and services community.

This video provides and overview of the MITRE ATT&CK Framework, followed by a discussion of how IBM Resilient and other IBM Security products use MITRE ATT&CK with a live demonstration and a Q&A.


The Bureau van Dijk (BvD) connector for i2 Connect Framework combines the power of i2 and BvD Orbis data, to assist clients in performing:

  • corporate risk assessments
  • due diligence activities
  • criminal and financial investigations

Duration: 25 minutes

You can use MaaS360 CMT Co-existence to manage Windows 10 endpoints in both Microsoft System Center Configuration Manager (SCCM) and IBM MaaS360.

MaaS360 gives you the flexibility and added value of a modern management platform to manage Windows 10 endpoints over-the-air, whether they are on a corporate intranet or the internet. The endpoints don’t need to be AD-joined or on premises.

In this course, you learn how to bulk enroll Windows 10 endpoints in MaaS360 and migrate GPO policies to MDM policies in MaaS360.

In this video, you learn how to create the bulk enrollment executable that can be used with an SCCM-deployed application to enroll Windows 10 endpoints in MaaS360.

Dwight Harper

In this video, you learn how to bulk enroll Windows 10 endpoints that are managed by the Microsoft System Center Configuration Manager (SCCM) in IBM MaaS360. Once enrolled, the endpoints can co-exist in SCCM and MaaS360.

Dwight Harper

You can use the MaaS360 Group Policy Migration Tool to migrate GPO policies that have been applied to an SCCM or AD-managed Windows 10 endpoint to MDM policies in MaaS360. In this video, you learn how to migrate GPO policies to MDM policies in MaaS360.

Dwight Harper

In this course, you learn what type of network captures can be configured on the XGS appliance, and how to use the management and protection interfaces to capture network traffic.

This course includes two technical demonstrations that highlight how Carbon Black Response and IBM QRadar SIEM integrate to quickly detect, respond, and remediate live security incidents. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

This video is a technical demonstration in which IBM Resilient and Carbon Black Response detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Duration: 13 minutes
Closed captions: English, French, German, Spanish and Japanese

This video is a technical demonstration of the integration between Carbon Black Response, IBM Resilient, and QRadar to detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Certification campaigns automate the periodic review of relationships in IBM Identity Governance and Intelligence, or simply IGI.

IGI supports five different certification campaign types: User Assignment, Organization Unit Assignment, risk Violation Mitigation, Entitlement, and Account certification.

This video demonstrates how the campaign reviewers and campaign supervisors operate and interact during a certification campaign.

Refer to the video Configuring certification campaigns for details on how to create, configure and launch a certification campaign; or take the Certificate Campaigns eLab that will let you practice a complete and fully functional user assignment certification campaign.

TLSv1.2 is a more modern protocol and can help reduce vulnerabilities.   This video demonstrates how to change the Security Key Lifecycle Manager protocol setting from SSL to TLS in Windows and Linux for the TransportListener.ssl.protocols configuration.

Overview

This course demonstrates how to change the ciphers and protocol in IBM Resilient. There is a review of which ciphers and protocols are used by default using the nmap application, followed by a demonstration of which files need to be edited in order to adjust the ciphers and protocols being used.

Using the nmap application, you can detect default settings for the protocol and ciphers. All versions of TLS are supported (TLS1.0 TLS 1.1 and TLS 1.2).

The predominant ciphers based on RSA and ASE cryptography are supported, as well as the cryptographic ciphers that support forward secrecy based on Diffie Hellman (DF) and Ecliptic Curve Diffie Hellman (ECDH) algorithms.


Closed captions: English, French, German, Spanish and Japanese

This video shows you how to change the default password in Identity Governance and Intelligence.The default password across the IGI database schema is “ideas”. It is always recommended to change the password before the IGI database configuration.

The theory of how to perform a RACF database clean up unused resource profiles and permissions based on the collected access decisions by Access Monitor against an offline RACF database. In addition, this video explains how to run an access simulation of historically collected access events against this cleaned up offline RACF database to investigate whether the clean up causes access failures when historic access occur today against the cleaned up RACF database.

This recorded live demonstration shows how to run a RACF database clean up of unused resource profiles and permissions against an offline RACF database based on the Access data set that the Access Monitor has produced. In the second part of this video, the viewers are shown how to run an access simulation to investigate whether the clean up potentially causes access violations or increased access when compared to the collected historic access decision.

In this demonstration of IBM Cloud Identity Connect, you will learn how you can make the most of your bundled IBM Security Access Manager entitlement in order to provide integration with on-premise directories, such as Active Directory, and also how to make use of the strong authentication capabilities in Access Manager for securing your SaaS services.

Learn how IBM can help organizations thwart insider threats by protecting and monitoring privileged user accounts and activities with IBM Privileged Identity Manager. Available as an easy-to-install virtual appliance, this solution helps organizations to centrally manage and audit privileged users across systems, applications, and platforms to better protect sensitive assets and maintain compliance.

This video demonstrates the weaknesses of SNORT pattern-matching signatures as compared to the IBM Protocol Analysis Module (PAM) engine when the original exploit is modified. For the purpose of the demonstration, you use the Metasploit Framework and vulnerability described in CVE-2013-0422. In the second video, the same SNORT issues is demonstrated using CVE-2012-0507.

Overview

This course covers 4 common scenarios that demonstration of how the Resilient Incident Response Platform can be used to

  • Automate the escalation and collection of data
  • Manage a ransomware attack
  • Deal with a data breach involving an inside actor
  • Accelerate your Response to Phishing Attacks
Closed captions: English, French, German, Spanish and Japanese

Amazon Web Services (AWS) CloudTrail is a service that enables operational and risk auditing of your AWS account. It collects audit events from Amazon S3 buckets and a Log group in the AWS CloudWatch Logs. CloudTrail allows you to continuously monitor your AWS account activity including actions taken through the Management Console, AWS SDKs, command line, and other services.

QRadar connects through Amazon Web Services' API to retrieve the CloudTrail events, providing event parsing that not only allows for monitoring of your AWS account activity, but also for newly created rules to alert on possible AWS Security violations. AWS-related saved searches are used for reporting, which allows for analyzing trends on policy and user/group changes, and more.

In this video, you learn how to configure QRadar to retrieve logs from an AWS cloud environment source. Two use cases demonstrate how useful this integration can be to your cloud security posture.

Configuring and validating the Alert and Anomaly Detection engines is one of the first steps when you are configuring Guardium alerts. In this video, you learn how to configure and validate the Alert and Anomaly Detection engines.

In this video, you learn how to configure an external user registry with ISIM virtual appliance.

This video explains how to configure Directory Integrator to use Directory Server for Directory Integrator Server API Authentication. This includes confirming that there is an LDAP group set up in the Directory Server. 

This video shows how to configure an attribute to be unique in a Directory Server. This is done through the Web Administration Tool (WAT).


This video demonstrates how to configure a Guardium correlation alert and view the alert after it triggers.

IBM Privileged Identity Manager (PIM) provides a default custom registry for authentication. You can choose not to use the default registry and use an external registry instead.

There are two videos in this series. The first video demonstrates how to configure Active Directory as an external user registry in PIM. The second video demonstrates how to onboard users to PIM when using Active Directory authentication. It also covers how to customize the onboarding email to instruct users to access PIM using their domain credentials.

In this demonstration, Matthew Shaver shows you how to ensure that your deployment settings and enrollment requests are configured so that your corporate devices are properly enrolled in Android Enterprise.

Overview

You can configure the Resilient platform to send audit log messages to the Resilient client.log file and to Syslog, if you have set up and configured Syslog. This video will show you how easy it is to set up.

Closed captions: English, French, German, Spanish and Japanese

In this video, you learn how to set up  IBM Cloud Identity authorization using SAML single sign on and Cloud Extender.

This video discuses configuring an IBM DB/2 database for IBM Security Identity Governance V5.2.3. This includes providing pre-requisites for DB2 configuration and installation and configuration of the DB2 Server.

NEW

IBM Cloud Pak for Security platform helps to integrate tools and connect workflows across hybrid, multi-cloud environments. It uses connectors to your existing data sources to generate deeper insights and securely access IBM and third-party tools to search for threats across any cloud or on-premises location. This video demonstrates how to connect IBM QRadar Management Console to the IBM Cloud Pak for Security.

In this tutorial, you will learn how to configure the IBM License Metric Tool for authentication with Microsoft's Active Directory.

This video demonstrates the three steps in configuring the Luna HSM (Hardware Security Module) with IBM Security Key Lifecycle Manager (SKLM), including

  • setting up the client
  • setting up the Luna HSM for that client
  • configuring SKLM with Luna HSM

Password synchronization is the process through which a user maintains a single password across multiple applications. Administrators can associate account configurations with a password sync group and then define password policies to manage password synchronization for the password sync group.

Overview:

This course demonstrates how to configure SMTP notifications for IBM Resilient. Resilient sends email notifications to users for various purposes and Resilient must use an SMTP server to send these messages.


Closed captions: English, French, German, Spanish and Japanese

In this video, IBM Support agent Amrin Maria Khan tells you how to configure Simple Network Management Protocol (SNMP) in version 8.0.1 of SDS Virtual Appliance.

Duration: 3 minutes

This video shows you how to configure a suffix in the IBM Directory Suite virtual appliance. The suffix is a distinguished name that identifies the top entry in a locally held directory hierarchy.

Overview

This video demonstrates how to configure syslog to run on an IBM Resilient server.


Closed captions: English, French, German, Spanish and Japanese

IBM Security Access Manager (ISAM) provides SCIM-based web services for user and group management. In this course, you use the SCIM Configuration page in the Access Manager Local Management Interface (LMI) to configure the SCIM capabilities. Then, you secure the SCIM endpoints using a Reverse Proxy. You also enable the built-in SCIM demonstration application that uses SCIM calls for user management.

In this video, you will see a demonstration on how to configure master-replica replication on Directory Server instances of Directory Server Virtual Appliance version 8.0.1 using the idsldapreplcfg command.

Duration: 5 minutes

In this video, you learn how to configure replication for two Directory Servers using the command line on Directory Suite Virtual Appliance 8.0.1.

Replication is a technique used by Directory Servers to improve:

  • performance
  • availability
  • reliability
Time: 10 minutes

In this video, you learn about log source parsing order and how to manage it. See how to solve parsing problems by changing the log source parsing order and how to reduce parsing problems.



QRadar SIEM routes events and flows directly to storage, if an alarmingly high system load might cause degradation of real-time processing. After this happens, the Custom Rule Engine (CRE) can collect metrics data about rule execution. From this data, the CRE calculates throughput capacities for most enabled custom rules and building blocks. The UI displays the capacities as event and flow rates, and also indicates the level of concern with colored bars.

QRadar 7.3.2 or higher is required to enable this capability.




The XGS appliance is IBM's next generation Intrusion Prevention Systems (IPS). The appliance can monitor user activity on the network and block certain users and groups for accessing and using certain network applications and resources. This video series explains how to implement this functionality and how to track and block user activity on the network.

This program lets you generate RACF commands that automatically convert access to resources through UACC settings that exceed NONE to a permit to ID(*).

In this video series, you learn about the XGS Network Access Policy, Intrusion Prevention Policy, and IPS Event Filter Policy. Using the SiteProtector management system, you learn how to configure the policies, how the policies work together, and how they provide different levels of protection.


This video demonstrates how to create an SSL certificate to use with Security Key Lifecycle Manager version 3.0.

This video demonstrates how to create, configure, and view a Guardium real-time alert when it triggers.

A policy is a key component of data security. To keep your data secure, you must be able to implement rules on how data access is monitored, logged, and controlled.  In this course, you will learn how to create, install, and update IBM Guardium policies on data access.

Overview

This video shows examples of creating graphs of incidents over time on the Resilient Analytics dashboard, including

  • Graph incidents by severity
  • Graph time to close by severity
  • Average time to close by severity over time
  • Average time to close by type

The video closes by demonstrating some other examples of graphs:

  • The number of incidents created per month for each user
  • The number of incidents created per month per city
  • Top trend incident category in last 90 days
  • Open incident by severity in last 30 days
  • Top incident category in last 30 days
  • Incident by type in last 90 days
Closed captions: English, French, German, Spanish and Japanese

Custom log sources enable QRadar SIEM to normalize events from raw logs that have been received from various source types. These events must be parsed, normalized, and correlated into offenses to alert you to suspicious activities. Based on a business scenario, you will learn how to perform each step in the process of creating custom log sources.

 


See how Trusteer’s Pinpoint Criminal Detection platform can help detect cross-channel fraud.


Jose Bravo explains modern cryptography using easily-understood terminology and a whiteboard.

  • Symmetric encryption
  • Asymmetric encryption
  • Encryption standards, speeds, key sizes, etc.

In this Open Mic, a panel of experts discuss how to properly debug IBM Security Access Manager WebSEAL SSL Junction failures with Wireshark.

This course provides a deep dive into MaaS360 iOS policy. In this video, you are:

  • provided with a detailed explanation of expected behavior of popular iOS policy features
  • learn best practices when applying restrictions
  • understand how to implement advanced features for strict controls.
Duration: 65 minutes

NEW

This course provides a deep dive into MaaS360 Android Enterprise policy. In this video, you are provided with a detailed explanation of expected behavior of popular Android policy features, learn best practices when applying restrictions, and, understand how to implement advanced features for strict controls. 

Duration: 60 minutes

Helm Charts can be used to help deploy and manage complex Kubernetes environments. A new Helm chart has just been published to GitHub and the IBM Cloud Private catalog, which allows you to easily deploy IBM Access Manager (IAM) into a Kubernetes environment. This video provides information and a demo on how you can get access to and use the IAM Helm chart.

WinCollect is a syslog event forwarder that collects Windows-based events from local and remote Windows-based systems and sends them to QRadar for processing and storage. In this video you learn about the two different WinCollect deployment models and how to manage them.

Using the table of contents menu in the video you can navigate to each one of these topics individually, or you can explore the content altogether:

  • WinCollect overview
  • WinCollect deployment models
  • Installing and configuring a managed deployment
  • Generating an authentication token
  • WinCollect agent GUI installation
  • WinCollect agent command line installation
  • Upgrading all WinCollect agents to V7.2.8
  • Troubleshooting a faulty WinCollect installation


NEW

In this course, you learn about the high availability (HA) design for QRadar, including setup and synchronization of HA hosts, and how to work with host states in a failover situation.


This video shows how to detect changes using the Directory Integrator delta mechanism.

This video features Roberto Baratta, Loss Prevention, Business Continuity and Security Director of ABANCA, a retail bank in Spain. The video highlights how IBM Security Solutions from Trusteer have helped ABANCA prevent online banking fraud and meet new European banking regulations using IBM Security Trusteer Rapport, IBM Security Trusteer Pinpoint Malware Detection and IBM Security Trusteer Pinpoint Criminal Detection.

With indicators of compromise or concern, you specify which activities you consider suspicious. Derive indicators from threat modeling while considering which kind of data QRadar SIEM can use to test for indicators. This course addresses the following topics:

  • Getting started with threat modeling
  • Using observables for indicators
  • Using context for indicators
  • Using external data for indicators 


In this video you learn how to integrate MaaS360 with Apple's Device Enrollment Program (DEP) to streamline the enrollment of institutionally owned devices. This course contains English, French, German, and Spanish language closed captions.

The IBM Security Access Manager 9.0.4 release introduced support for running ISAM in a Docker environment. This video highlights some of the main differences between running ISAM in a Docker environment and running ISAM as an appliance.

This video shows how to use the dashboard to install, configure, deploy, and monitor Directory Integrator solutions.

This video guides you through the installation of the Directory Integrator v7.2, including downloading the installation package. It also points out a few very important steps and highlights the best practices around those.

This covers Directory Integrator Integrations with several different IBM products.

  • Directory Integrator and PIM - Learn how to Integrate PIM and Directory Integrator, Suspend and Restore PIM Users and Resources based on QRadar Events.
  • Directory Integrator and Guardium - Learn how to integrate Guardium and Directory Integrator. Update Guardium policies based on Events from Qradar.
  • Closed Loop Integrations using IBM XGS and IBM QRadar SIEM and QRadar Vulnerability Manager (QVM)

Learn how to integrate Guardium and Directory Integrator. Update Guardium policies based on Events from QRadar.

Time: 12 minutes

Learn how to integrate Privileged Identity Manager (PIM) and Directory Integrator, suspend and restore PIM users and resources based on QRadar Events.

Time: 12 minutes

Objective

  • Know how to configure various replication topologies for IBM® Security Directory Server using the ldapreplcfg command.

Duration

3 minutes

Installation and Basic Configuration of Directory Server

After the successful installation of the Virtual Appliance, next step is an initial configuration of the Appliance. This video walks you through the configuration steps.


This video guides you through the installation of the Directory Suite v8.0.1. Directory Server is now a part of the appliance. After the installation and some initial configuration (this will be covered in a separate video) you will have an instance of the Directory Server up and running.

This course provides an overview of the Domain Generation Algorithm (DGA) and how IBM QRadar DNS Analyzer can help with early detection of that type of DNS traffic.  Domain Generation Algorithm is code that is used to periodically generate a large list of domain names that are usually used by botnets. The video also demonstrates how DNS Analyzer detects and reports on the DGA domains.

This course provides an overview of the domain squatting technique and how IBM QRadar DNS Analyzer can help with early detection of that type of DNS traffic. Domain squatting is a technique used by hackers to register and use domains that are similar to a legitimate domain. Hackers use those domains to inject malware through phishing and other methods such as typo-squatting.
The video also demonstrates how the DNS Analyzer app detects and reports on squatting domains.



In this video, you learn how to enable IP-to-Hostname alias mapping.

 In this demonstration, you access the Services page and examine the services in your MaaS360 portal.

IBM Security Access Manager (ISAM) has a built-in demo application that is useful to demonstrate advanced authentication and authorization scenarios. You can also use this application to access information such as ISAM credential and session attributes, HTTP headers, and location attributes useful to diagnose setup problems.

This video course demonstrates the steps to enable and configure the demo application.

The Flow Hook section of the FDS Flow will allow only one Assembly Line to be declared in the UI. If additional Assembly Line function is needed outside the registered one, the registered Assembly Line will need enhancement to call the additional Assembly Lines. This video will show a process of performing this activity.

This video guides you through the process of enterprise license activation in Directory Suite. After the successful installation and basic configuration of the Directory Suite, you can purchase a Standard or Enterprise level license in order to get additional features.


Threat Simulator is part of the QRadar Experience Center App. It contains five use cases for common threats, and for each of them, it generates a set of pre-defined logs in real time. These logs are displayed on the Log Activity tab of the Console as they are being received so that you can learn how to analyze them.

In this course, you learn how to run and analyze the results of each use case in the Threat Simulator.

The IBM Guardium 11 active threat analytics dashboard shows potential security breach cases, based on the outlier mining process and on identified attack symptoms. In this video, you see how to use the dashboard to view cases, investigate them, and take action.

You can now use the X-Force Exchange to determine if you are affected by threats. The Am I Affected feature searches your QRadar environment and notifies you if you are prone to threats identified in the numerous X-Force Exchange collections. This course reviews the Am I Affected functionality and how you can integrate IBM X-Force Exchange Threat Intelligence information into your QRadar environment.

Password re-use by users and password phishing create security breach concerns.  The FIDO Alliance promotes and delivers authentication standards that reduce the reliance on passwords.  This video demonstrates how to use FIDO2 authenticators with IBM Access Manager 9.0.7.

This video will guide you through the initial configuration of the Federated Directory Server(FDS). This includes changing the default FDS admin password and configuring Directory Server Connection Settings.


Guardium 10.x includes functionality you can use to monitor file activity. In this course, you view the discovery and classification capabilities of the file activity monitoring (FAM) tools and learn how to set up a blocking rule to prevent someone from deleting files in a directory and logs the attempt. You also learn how to create and install policies to monitor files.

The DNS Analyzer app uses two types of filters that improve processing of the analytics algorithms. The first type of filter is based on the IBM X-Force Threat Intelligence feed, and the second is based on filtering lists built into DNS Analyzer, where you can add any domain to the whitelist or the blacklist. The video also demonstrates how DNS Analyzer reports a blacklisted domain.

The video also demonstrates how the DNS Analyzer app reports the blacklisted domain.



 This program lets you identify whether resource profiles exist that contain ACL entries where the permitted access level is equal to the UACC level that is set for that resource profile.

This program allows you to find resource profiles where the universal access defined allows update or higher access.

This video explains and demonstrates how to complete a firmware upgrade for the IBM Directory Suite virtual appliance.

First Data Corporation, an IBM Business Partner, has embedded IBM Security Trusteer’s Mobile Solutions into their mobile banking applications platform to ensure that their clients are prepared for todays and future malware attacks on the mobile channel while remaining seamless to their consumer. Watch this video to see Bob Burgarino, VP Products at First Data explain how they use Trusteer solutions to provide a better experience for their customers while ensuring the highest level of security.

This video shows you how you can use iBase to convert phone numbers using format logic into the following different formats:

  • If a phone number is 10 characters long, the format will be (999) 999-9999
  • If a phone number is 7 characters long, the format will be 999-9999
  • If a phone number is any other length than 7 or 10 characters, then leave as is 9999999999.
This video uses United States phone number formats as the example. However, this format logic can also be used for international phone numbers.

Time: 24 minutes

In this training module you learn cloud computing basics and terminology, cloud security fundamentals, and how IBM Security solutions secure the cloud.

This video covers three Guardium Data Encryption (GDE) use cases for protecting against Ransomware and Spoofing.  The use cases are:

  • Ransomware simulation
  • Ransomware and spoofing attack
  • GDE policy basics and QRadar integration

Attackers can't hide on your network with IBM QRadar Network Insights. Security teams are flooded with security log activity every day, but inspecting those logs does not always generate the level of insight required to detect modern threats. They are eager to find additional methods to provide more accurate threat detection.

In this video, an attacker infiltrates and takes over a victim's computer by exploiting a phishing attack with a malicious attachment.

QRadar Network Insights analyzes network data in real-time to uncover the attacker’s footprint and expose the hidden security threats in this scenario.

This video demonstrates the API used to send the web services calls that generate the Advanced Threat Protection (ATP) type of security event alerts. This video is part of the XGS Advanced Topics course (IS680). It represents exercise five in Unit 06.

The videos in this course serve as a quick start for getting ISAM running inside of a Docker environment.

The following topics are covered:

  • Docker Overview
  • Installing Docker
  • Obtaining ISAM Docker Images
  • Running ISAM Docker Containers

It is easy to use the predefined alerts in Guardium. In this course, you to learn about the different Guardium alert types and how to use them to monitor your Guardium ecosystem.

Policy actions are key components of Guardium polices and are critical to policy strategy and tuning. This interactive video introduces you to common blocking actions, alerting actions, and logging actions. It also includes general tips about using policy rule actions.

Franklin Almonte

Overview

Resilient Incident Response Platform is a central hub for incident responses that helps make incident response efficient and compliant. The platform is based on a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.

Objectives

  • Learn the value of IBM Resilient
  • Review the introduction video to the IBM Resilient platform
  • Learn the IBM Resilient Platform architecture
  • Learn about necessary prerequisites
  • Review the installation process
  • Describe the value of dynamic playbooks
Closed captions: English, French, German, Spanish and Japanese

Listen to one of MaaS360's subject matter experts quickly walk you through how to configure  MaaS360  for unified endpoint management (UEM). You will learn the key components to get you started managing all of your devices.

QRadar Deployment Intelligence is a monitoring application built to give users a birds-eye-view of the health of their QRadar deployment. The app consolidates the following historical data points on a per-host basis: 

  • Status
  • Up-time
  • Notifications
  • Event and flow rates
  • System performance metrics
  • QRadar specific metrics and more

In this course, you learn how to use the interactive app, by first displaying initial overviews for all hosts, and then drilling down and investigating specific hosts to see detailed health and status information.



This video walks you through getting self-service support for MaaS360, including how to open a case. It will also show you where to find documentation and videos which provide help for using the MaaS360 product.

  • obtaining an IBM ID
  • signing in to the IBM MaaS360 Support Portal
  • link your IBM ID to an existing account
  • IBM Support Portal
  • Support Access to open cases
  • open a case
  • chat with Support
  • Product Notifications
  • MaaS360 Knowledge Center
  • MaaS360 Ongoing Product Education
Duration: 10 minutes

Starting with version 10.6, Guardium has a new policy builder. This builder incorporates many of the 10.x design features, including a format that presents configuration options as sections, and an intuitive, step-by-step guide to create and configure the policy.

Franklin Almonte

IBM Guardium 11 introduces risk spotter, a semi-automatic process that hones in on the most risky users and the most risky databases. This dynamic risk assessment considers all risk factors, including but not limited to: outliers, vulnerability, volume of activities, access to sensitive data, type of commands (privileges). It scans unmonitored users and databases beyond your current policies to spot previously unmonitored risks, and it suggests proactive actions.

In Guardium 11, the smart assistant for compliance monitoring helps you quickly configure monitoring for GDPR, PCI, SOX, and other security standards by automating policy installation and scheduling, populating policy groups, discovering sensitive data in your databases, and more.

IBM Guardium policy rules fall into three categories:

  • Access rules
  • Extrusion rules
  • Exception rules

In this video series, you  learn about the three types of rules , what criteria and actions are associated with each type, and some of the uses for each type of rule.

Guardium policies are powerful resources to monitor your data environment. However, due to the large amount of data activity in a database production environment, you must configure your policy carefully to filter out innocent traffic.

In this course, you learn the differences between selective and non-selective audit policies.

MongoDB is a free and open-source cross-platform document-oriented database program.  In this video, you will see a detailed demonstration of Guardium Vulnerability Assessment for MongoDB, including the process to set up and run the test, and what happens after you harden the database per recommendations from the assessment.

In this video, you will learn about some major performance improvements and stability improvements in the Guardium Windows S-TAP V10 series.

Overview

In this video, you will see how to set up IBM Guardium email alerts in an IBM Resilient incident response workflow using the Resilient Email Connector.

In this video, you will learn how IBM Guardium supports monitoring capabilities for Database as a Service (DBaaS) and containerized databases, offering a consistent approach to data protection for on-premise and cloud environments.

In this video, you will see the steps to create an IBM Guardium instance in Amazon Web Services (AWS).

In this video, you will see how to set up an IBM Guardium instance in Microsoft Azure.

Organizations have many goals for monitoring data servers. These goals require many rules, some of which  apply to a broad set of data servers, and some of which might apply to only one or a few data servers.

In this video, you learn how to organize these rules into a series of policies to optimize maintainability.

This video defines high availability and describes different HA design configurations such as failover, link propagation, and active bypass.

A Jose Bravo whiteboard explanation of how passwords can be compromised despite being encrypted by hash functions as soon as they are entered.

In this video, you will see how to use specific Guardium GUI reports to check the data being logged on a Guardium Appliance .

In this video, you learn how coalescing works in IBM QRadar. 

This video is a technical walk through of all steps needed to configure zSecure Alert to send events to QRadar. zSecure Alert is the real-time monitor component of the zSecure suite. It can correlate events and send out real-time alerts through e-mail, text message, Write To Operator console messages, SNMP traps, or syslog receiver events. It also integrates capabilities for data analysis and enrichment that are part of zSecure Audit. This integration allows forwarding real-time alerts from zSecure Alert to QRadar SIEM through the syslog protocol.

This video provides detailed instructions for installing IBM InfoSphere DataStage for Enterprise Insight Analysis 11.5.0.

This video demonstration shows you how to use three field manipulation techniques. The techniques we will demonstrate are Substring, Word and Parse. The abbreviation CARLa stands for “CARLa Auditing and Reporting Language”. It is the main reporting engine used within zSecure Admin, zSecure Audit, zSecure Alert, and zSecure Manager for RACF z/VM. 

A security officer has to be right all the time, the hacker has to be right once. Cybercriminals continuously target financial institutions, enterprises, eCommerce sites and other organizations to steal money and valuable business information.

Trusteer, a leading provider of endpoint and clientless cybercrime prevention solutions, now joins IBM Security's broadest, advanced and most integrated security solutions.

Trusteer's solutions offers adaptive protection that turns threat intelligence into countermeasures for tomorrow. We have the intelligence to assess trends and the adaptive tools to combat emerging threats. As part of IBM Security, our solutions provide customers with the integration among products to provide big data and analytics.

For QRadar SIEM 7.3.2, an App Host can take over the running of apps. The App Host replaces the App Node that was available for previous versions of QRadar SIEM. This course teaches how to add an App Host to a QRadar SIEM 7.3.2 installation.



This zSecure Alert instruction video, shows you how you can add an installation-defined Alert to the IBM Security zSecure Alert User Interface. This video starts with a brief introduction of the IBM Security zSecure Alert tool. The last part of this video is a software simulation that shows how to define and add an installation-defined Alert to the zSecure Alert User Interface.

In i2 Enterprise Insight Analysis, users can filter search results. You can configure the types of items and property that appear in the filter list by creating and configuring facets. This course teaches you how to configure facets within the Information Store. First, you learn how to identify entity and property types in a schema. Then, you run an interactive simulation to configure and test the facets. 

This video provides a demonstration on how to enable users in IBM Security Directory Server to change their own userpassword attribute.

Duration: 7 minutes

Managing the configuration of false positives can help minimize the impact on legitimate threats and vulnerabilities in QRadar. 

In this course, we demonstrate how you can tune false positive events and flows to prevent them from creating offenses in QRadar.


This video demonstrates how to call IBM Privileged Identity Manager (PIM) Rest APIs using IBM Directory Integrator (IDI). It provides step by step instructions to configure IDI for two PIM Rest APIs: SearchPeople and UpdateUser.

The sample IDI assemblyLine used in this recording is also included. Users can download IDI_AL_update_pim_user.xml file and run the assemblyLine on their local setup.








In this video, you will see how to check and turn auto_stop_services on in Guardium.  This is important to help prevent database full issues.

In this video, you will see how to check Guardium database usage and how much data is in the top tables.  This is critical information to prevent database full issues.

In this video, you learn how to check the Guardium purge period.  This is important information in helping to prevent database full issues.

In this video, you will see how to check available disk space in Guardium. This is important information to have to prevent database full issues.

In this video, you see how to check that the latest Guardium GPU patch is installed.  This is an important task and can be particularly helpful in preventing database full issues.

In this video, you will see how to check the Aggregation/Archive log for errors.  This could be particularly helpful in preventing database full issues.

In this video, you see how to check the Guardium policy for actions that can fill the database.  This is an important step in preventing database full issues.

In this video, you learn about using the ISIM dashboard and event log to check the health of the ISIM 
virtual appliance.

The IBM QRadar App For Splunk Data Forwarding allows you to forward events from your Splunk Deployment to QRadar. Simply enter the IP of your Splunk instance, discover what data your Splunk instance is collecting, and then point and click to start forwarding your data to QRadar, enabling more security use cases. The app works with both the universal forwarder and heavy forwarder.

This video explains how you configure QRadar SIEM to ingest event logs from a deployed Splunk instance.

The Microsoft Security Event Log over MSRPC protocol is a possible configuration for QRadar to collect Windows events without the need of a local agent on the Windows host. The protocol leverages Microsoft's implementation of DCE/RPC, which is commonly referred to as MSRPC. The MSRPC protocols offers agentless, encrypted event collecting that provides higher event rates than the default "Microsoft Windows Security Event Log" protocol, which uses WMI/DCOM for event collection.

This video demonstrates how to configure a Microsoft Security Event Log over MSRPC Log Source.

NEW

Learn how IBM QRadar uses the JDBC protocol, and how to configure a JDBC Log Source in the QRadar Log Source Manager application.

NEW

Learn how IBM QRadar uses the JDBC protocol, and how to configure a JDBC Log Source for a Microsoft database with TLS encryption in the QRadar Log Source Manager application.

This video explains how to configure a new TLS Syslog log source in IBM QRadar.

IBM Access Manager also known as IBM Security Access Manager V9 supports Federation as an add-on module. In this Open Mic organized by Access Manager support team, Virag Patel talked about the administration aspect of the Federation module. You can configure and administer the Federation using the appliance console as well as the Rest APIs. Some of the key presentation topics included configuration using CLI, LMI and Rest API interfaces, supported federation types, setting up the reverse proxy (WebSEAL) instance as a Point of Contact (POC), mapping rule configuration, template files, troubleshooting and log analysis.

Similar to the if-then statement in programming languages, custom rules consist of a boolean operation and statements. If the QRadar custom rule engine (CRE) evaluates the boolean operation to true, then the CRE performs the configured rule actions and rule responses. 

This course addresses the following rule actions: 

  • Changing severity, credibility and relevance of the event or flow 
  • Adding the event or flow to an offense 
  • Annotating the event or flow 
  • Dropping the event or flow by rule action and routing rule

You use the Privileged Session Gateway feature in IBM Privileged Identity Manager (PIM) V2.1 to securely administer SSH-based resources through a web browser without installing client applications such as Putty, RDP, or Privileged Access Agent on your workstation.

In this video series, you learn how to configure and use the Privileged Session Gateway feature in PIM. You first deploy the privileged session gateway image on the Docker host and specify the location of the gateway image in the PIM appliance console. Then, you log on to the PIM Self Service web console, check out a privileged credential for an SSH-based Linux system, and connect to the terminal shell session on the system. You also play back the session using the privileged session recorder. This course includes the following videos:

  1. Course Introduction: How to configure the Privileged Session Gateway
  2. Installing the Privileged Session Gateway image on the Docker host
  3. Configuring and starting the gateway image
  4. Managing the gateway configuration in PIM
  5. Defining a shared credential in PIM
  6. Accessing a credential using the Privileged Session Gateway

This course explains how to use the QRadar SIEM Tuning Report, which lists the rules that are being matched most frequently over a specific time period.



This video demonstrates how to create a federation setup on the identity provider in IBM Security Access Manager version 9.


This video demonstrates how to create a federation partner in IBM Security Access Manager version 9.


This video demonstrates how to create a reverse proxy instance in IBM Security Access Manager version 9.

By default, IBM® Security QRadar® creates a backup archive of your configuration information daily at midnight. The backup archive includes your configuration information, data, or both from the previous day. You can customize this nightly backup and create an on-demand configuration backup, as required.

In this zSecure video, you learn how you can use the Setup application in zSecure to create and use a zSecure UNLOAD data set from your active primary RACF database.


This 15 minute video contains a zSecure software demonstration how to define and use a zSecure Collection as input to your zSecure Admin session.


When data obfuscation is configured on an IBM QRadar system, the masked version of the data is shown throughout the application. You must have access to both the corresponding keystore and the password to deobfuscate the data so that it can be viewed.

  • How to deobfuscate events in QRadar
  • How to set an obfuscation session key
  • How to automatically deobfuscate an event in the Console
  • How to deobfuscate an event in the Console

Updating your Guardium environment is an important part of maintaining your site, and can provide new features and enhancements as well as fixing bugs. In this video series, you learn how to download a Guardium patch from IBM Fix Central and upload patch files to your Guardium environment.

WinCollect 7.2.5 enables TLS v1.2 communication from the agent. However, network scans will show QRadar vulnerabilities due to listening and accepting for older TLS connections from WinCollect Agents. This server-side Console procedure informs administrators how to disable older TLS protocol options.

You can back up and recover IBM QRadar configuration information as well as event and flow data by using the backup and recovery feature.  This video demonstrates how you can identify a missing backup file in QRadar 7.3.2.

This video walks you through the process of setting up ActiveMQ as a Secure Password Store to be used with the Security Directory Integrator Password Synchronization Plug-ins.   It shows how to setup secure connections between all three resources involved (ActiveMQ, SDI Plug-in, and SDI JMS Password Store Connector).

Importing a backup archive is useful if you want to restore a backup archive that was created on another IBM Security QRadar host.

This video guides you through the installation of the fix pack for Directory Integrator. Upon successful installation of the Directory Integrator product you need to install the latest fix pack.


Determining the rules that triggered can provide valuable insight into your IT environment and guide you for further rule development and improvement. In this course, you learn how to gain different perspectives on matching rules. 

  • Sorting rules by their contributions to offenses
  • Grouping dispatched events by event name
  • Grouping events by rules that triggered for them
  • Grouping flows by rules that triggered for them
  • Filtering by rules that triggered

An application identity is a credential that is used by an application or script. These credentials are usually hard coded in the applications. They are rarely changed, leaving them vulnerable to exposure, which can lead to unauthorized use. This video demonstrates how to secure credentials for custom scripts and Java applications using IBM Security Privileged Identity Manager (PIM) v2.0.1.

In this video, you learn how to configure, use, and monitor shared privileged accounts using PIM V2.1. You first set up shared credentials, credential pools, shared access policies and approval workflow. Then, you use the shared credentials and the privileged session recorder playback console.

This video demonstrates how to use field manipulation techniques such as Substring, Word, and Parse using CARLa.

Use the QRadar Experience Center App to learn about the QRadar capabilities, simulate common threats, work with log samples in real time, and learn how to analyze your logs. The QRadar Experience Center App is designed for educational purposes, and its menu includes useful videos, links, an FAQ section, and more. 

In this video, you learn how to navigate the Experience Center App.

QRadar dashboard items allow the user to focus on different areas of interest. This step-by-step demonstration introduces how to perform network analysis with dashboard items.

The server discovery function uses the Asset Profile database to discover different server types that are based on port definitions. Then, you can select the servers to add to a server-type building block for rules. 

The server discovery function is based on server-type building blocks. Ports are used to define the server type. Thus, the server-type building block works as a port-based filter when you search the Asset Profile database.

Using properly defined servers and host definition building blocks will allow for improved QRadar tuning, and to avoid false positives.

In this video, you learn how to perform server discovery and manage host definition building blocks.


QRadar Log Source management can be very time consuming, especially if you have to manage a large number of log sources. By using the QRadar Log Source Management App bulk editing capabilities, you can save a substantial amount of time. In this video, we explain and demonstrate how you can best utilize bulk editing when you have to apply changes to many log sources at one time.

Configure a data obfuscation profile to prevent unauthorized access to sensitive or personally identifiable information in QRadar 7.3.2. Data obfuscation is the process of strategically hiding data from QRadar users. You can hide custom properties, normalized properties, such as user names, or you can hide the content of a payload, such as credit card or social security numbers.

In this zSecure video, you learn how you can find and remove redundant permissions that are directly permitted to a user ID. This video starts with a brief explanation about access control lists and what is considered to be a redundant user permit. The last part of this video is a software simulation of the Verify User permit function.

IBM Identity Manager provides a self-signed certificate for the Virtual appliance's access. This video demonstrates how to replace the default certificate with an SSL certficate trusted by a certificate authority. It also includes instructions how to create a new certificate authority (CA) and a trusted certificate using the OpenSSL utility.


The script that is used to install SSL certificates in QRadar has changed with the introduction of Version 7.3.

This video demonstrates how to replace the SSL certificate in QRadar Versions 7.2 and 7.3.

By default, IBM® Security QRadar® creates a backup archive of your configuration information daily at midnight. The backup archive includes your configuration information, data, or both from the previous day. You can customize this nightly backup and create an on-demand configuration backup, as required.

In this video, you learn how to configure a Linux system to send syslog information to QRadar.

In this video, you will see how to set Guardium notifications to alert you when your database reaches a specified threshold.  This is particularly useful in preventing database full issues.

In this video, you learn how to translate a saved search from either the Log or Network activity tab into an AQL (Ariel Query Language) search string, which can be copied to the clipboard.

When you install a QRadar WinCollect managed agent, you can run into either an authentication or a communication problem. In this video you learn how to troubleshoot this type of situation.

This video provides information for troubleshooting expensive rules in QRadar. The topics in this video include the following:

  • Diagnose the problem by checking log files
  • Calculate the threshold
  • Is this custom rule expensive?
  • Performance degradation


This brief video explains the firmware update process for IBM QRadar for System X using the Integrated Management Model.

IBM QRadar SIEM alerts to suspicious activity by creating offenses. An offense contains and links to information helpful to investigate it, such as events, flows, and asset profiles. Many offenses turn out to be false positives, and some false positives can be prevented by properly tuning the QRadar configuration.

The QRadar network hierarchy can cause false positives if it does not completely reflect which IP address ranges are local.

In this video, you learn how to change the network hierarchy based on the conclusion that an offense is a false positive.


In this 21 minute zSecure video, you learn how to code a CARLa batch job that monitors the active setting of your most important RACF general resource classes and generates a Write To Operator (WTO) message when a resource class is not active. This video starts with a brief introduction of the CARLa programming language and a WTO message. The last part of this video is a software simulation that shows how to create and submit a CARLa batch job that generates a WTO message in the z/OS system log.

In this video, you will see how to use Guardium reports to show how data is spread across tables and across time.  This is important information to help prevent database full issues.

This video has three parts. The first part introduces you to the IBM Security Identity Manager (ISIM) v7.0.0.2 virtual appliance. You learn about the virtual appliance and how to use the appliance console to manage and monitor the system. The exercises in the second part describe how to use the Identity Service Center (ISC) Console. The third part teaches you how to customize the Identity Service Center Console.

This course covers two methods for selective password synchronization in IBM Security Identity Manager.  Selective password synchronization is a method to exclude passwords from synchronization.

This video demonstrates how to specify multiple zSecure input sets as input to be able to use the Show Differences feature. You learn how to set one of your defined zSecure inputs set as the 'Compare Base' and how to additionally select one or more other input sets to compare against the 'Compare Base' to report the differences between the input source and the 'Compare Base'.

This video shows how you can use the Show Differences function in IBM Security zSecure Admin and Audit. You learn what reports support the Show Differences function, how to define which differences you want to include in your reports, and how to interpret the resulting reports and their details.

You can back up and recover IBM QRadar configuration information and data by using the backup and recovery feature to back up your event and flow data.

Within Access Manager appliances, there is an authentication service with a number of authentication mechanisms.  In this video, you will learn about the authentication service, provided authentication mechanisms, and custom authentication.

This video discusses the HTTP transformation rules with IBM Access Manager. Topics covered include what are transformation rules, how they are configured, and, how to troubleshoot the rules. In addition, information on how to download example rules is included. 

In this video, you learn about the IBM Cloud Identity platform, as well as, the Cloud Identity Connect (CIC), Cloud Identity Verify (CIV), and Cloud Identity Govern (CIG) offerings.

IBM Cloud Identity is an Identity-as-a-Service (IDaaS) offering which provides your users with rapid and secure access to thousands of popular cloud applications, while enabling single sign-on (SSO) to all their applications, whether from the cloud or on-premise.

NEW

IBM Cloud Pak for Security is a platform to more quickly integrate your existing security tools to generate deeper insights into threats, orchestrate actions and automate responses—all while leaving your data where it is.

This video provides an overview of the IBM Cloud Pak for Security platform.


The General Data Protection Regulation (GDPR) could have a real impact on your whole organization - your people, your suppliers and your business partners. This video will give you an idea of the broad scope of the GDPR, covering four main areas: security, data subject rights, consent, and privacy by design; as well as an outline of how IBM can help you on your path to GDPR readiness.

This video explains how to use ldapsearch to obtain the replication topology and configuration information.

This video describes what you need to do in order to prepare for a firmware upgrade of the Directory Suite Virtual Appliance, and, shows you how to do the upgrade.

This video shows how to integrate the IBM Directory Suite virtual appliance audit log with IBM QRadar SIEM. IBM QRadar SIEM consolidates log source event data from thousands of devices endpoints and applications that are distributed throughout a network. QRadar log integration is required to correlate the activity on the IBM Directory Suite in the perspective of larger IT systems and network.

This video shows you how to manage the virtual appliance hosts file. The hosts file is used to map host names to IP addresses.

This video provides an overview and a demonstration of the IBM Enterprise Key Management Foundation (EKMF), a highly secure key management system for the enterprise.

High volume certificates and encryption keys can be managed centrally and uniformly with Enterprise Key Management Foundation independent of target platforms. EKMF manages keys and certificates for cryptographic coprocessors, hardware security modules (HSM), software implementations like Java key store, ATMs, and point of sale terminals. EKMF offers an intensive support for EMV® chip cards, both for issuers, acquirers, and for card brands.

Duration: 37 minutes

IBM Guardium version 10.6 introduces multi-threading capabilities to vulnerability assessment. With multi-threading, you can run vulnerability assessments in parallel, reducing completion time while more efficiently using CPU resources. 

In this video series, you will see how to configure vulnerability assessment multi-threading.

With Guardium, you can set up rules that automatically terminate database sessions when Guardium detects improper data access, limiting the damage from hostile attacks on your database.

In this videos, you learn how to configure the S-TAP agent and create policy rules to take advantage of S-GATE functionality.

This course covers:

  • How to capture must gathers from Guardium
  • Collecting a guard_diag for a Guardium S-TAP installed on UNIX
  • How to Upload Data to a Support Ticket (PMR)
  • Using Guardium cli commands iptraf and tcpdump to troubleshoot network issues

The video provides details on IBM Guardium release 10.1.3. This release helps to speed compliance and simplify deployments.

This video describes the whys and wherefores of Identity Governance, starting with the "pain chain" of the gaps between auditors, business managers and IT when it comes to answering the question, "does an employee have the proper access privileges to perform duties per our company's policy?" The video explains key capabilities such as access certification, role mining and modeling, separation of duties and access risk analytics. These capabilities are provided by IBM Identity Governance. The video concludes with a role play of a company that's failed an audit and must address that failure within a 6 month window.

IGI leverages on the Enterprise Connectors application to align its data with the peripheral target systems.

This course demonstrates how to achieve data alignment between the centralized database of IBM Security Identity Governance, and peripheral target systems. The first part of the video focuses on configuring a connection with a peripheral target system, while the second part demonstrates account creation and removal on a remote Active Directory domain.

Two of the most common misunderstandings about IBM License Metric Tool (LMT) are typically represented by the following questions: 

  • Why is it telling me I have “Product A” installed when I don't? 
  • Why is it assigning too many cores and PVU to my VMs? 

Watch the Open Mic to get a better understanding of what LMT does, how the data is presented, and what the customer's role is when using LMT.

Dans ce module de formation, vous allez apprendre à intégrer MaaS360 avec des ressources situées derrière le pare-feu, en utilisant le module Mobile Enterprise Gateway de Cloud Extender.

Sommaire:

    Leçon 1: Cas d’utilisation, architecture et planification
    Leçon 2: Activer et configurer le module Mobile Enterprise Gateway
    Leçon 3: Configurer les paramètres de politique et les sources de contenu

In diesem Schulungsmodul erfahren Sie, wie Sie MaaS360 mit Ressourcen integrieren, die sich hinter der Firewall befinden. Hierfür verwenden Sie das Modul Cloud Extender Enterprise Gateway.

À la fin de ce module, vous pourrez expliquer les cas d’utilisation, l’architecture et la planification du module User Visibility de Cloud Extender. Vous saurez également activer et configurer le module User Visibility.

  • Leçon 1 Cas d’utilisation, architecture et planification
  • Leçon 2 Activation et configuration de User Visibility

Aperçu

Dans ce cours, vous allez apprendre à utiliser MaaS360 pour gérer et sécuriser les applications mobiles de votre entreprise.


Language: French français

Aperçu

Ce module contient des informations sur plusieurs composants de la MaaS360 Productivity Suite.  Il peut vous aider à comprendre comment protéger du contenu d’entreprise sur les appareils de votre organisation.


Language: French français

Aperçu

Ce cours décrit les fonctions et possibilités essentielles et l’architecture d’IBM MaaS360. Vous y verrez également les activités de planification de votre déploiement du produit.

Language: French  français

Aperçu.

Dans ce module, vous apprenez à installer et configurer MaaS360 afin de gérer des appareils mobiles.


Language: French  français

Aperçu

Dans ce module, vous apprenez à installer et configurer MaaS360 afin de gérer des appareils mobiles.


Language: French français


Aperçu

Dans ce module, vous allez apprendre à effectuer les tâches courantes d’exploitation et de résolution
des problèmes dans MaaS360, à activer et utiliser le portail des utilisateurs finals, et à répondre aux
questions les plus fréquentes concernant le logiciel.


Language: French français

Aperçu

Dans ce module de formation, vous allez apprendre à intégrer MaaS360 avec des services d’annuaire d’entreprise de type Active Directory et LDAP afin de tirer parti de votre infrastructure d’authentification existante.

Language: French, français

Aperçu

Dans ce module, vous allez découvrir l’architecture générale de MaaS360 pour l’intégration dans l’entreprise, comment Cloud Extender et ses modules s’y intègrent, et les fonctions de chaque module Cloud Extender.


Language: French français

This course provides an overview of IBM QRadar DNS Analyzer, which provides insights into your local DNS traffic by identifying malicious activity, and allowing your security team to detect Domain Generated Algorithm (DGA), tunneling, or squatting domains that are accessed from within your network. The DNS Analyzer also provides options to filter any domains using blacklists and whitelists.

The video defines prerequisites, and provides an architecture overview explaining how the application is integrated with IBM QRadar SIEM and IBM X-Force Exchange.

Utilizing QNI flows, or logs with domain information from other devices, such as DNS servers, proxies, Apache web servers, or other BIND compatible devices, you can detect and monitor outbound network traffic to potentially malicious sites. With the DNS Analyzer dashboard and drill down capabilities, your team can identify DNS trends and investigate activity such as squatting attempts.

The application is also integrated with the IBM QRadar Pulse and IBM QRadar User Behavior Analytics app.



In this video, members of the IBM Security Access Manager (ISAM) Support team discuss ISAM Appliance Clustering SSH Tunnels.

This video provides an introduction to IBM Security Access Manager, including portfolio strategy, access management use cases, and packaging.

This video demonstrates how to manage passwords and approve, reject or redirect pending access requests from your mobile phone, using the IBM Security Access Request application.

This Open Mic session was broadcast live from Think on 19-Mar-2018

Chris Weber from the IBM Support team delivered the "IBM Security Identity Governance and Administration Data Integrator (ISIGADI) Tips and Troubleshooting" Open Mic LIVE at the 2018 Think conference.

Agenda:

  • Logs and logging settings
  • IGI SDK
  • Creating new IGI admin ID
  • Verify assembly line
  • ISIGtoISIM assembly line
  • Delta assembly line
  • Validate assembly line
  • ISIM person attribute mapping

In this Open Mic video, the IBM Security Identity Manager development team discusses the new enhancements for version 6.0 Fixpack 18.

This video covers the new functions in IBM Security Identity Manager fixpacks 6.0.0.19 and 7.0.1.8.

This video provides an overview of IBM Security Identity Manager REST APIs.

The following will show how to use the python scripting language to remotely execute the db_purge command on an IBM Security Identity Manager v7 virtual appliance.


In this course, you learn how to use and customize Secret Server's Dashboard, and also learn how to create and use Secret Server folders.


Technical Support agent Daryl Romano explains the technology and best practices around the Secret Server Distributed Engine.

In this video, you are walked through the setup and installation of a Distributed Engine, Site and Site Connector using RabbitMQ.

The topics covered include:

  • Distributed Engine overview
  • What is the Distributed Engine?
  • Memory MQ or Rabbit MQ?
  • Distributed Engine install and configure
  • Troubleshooting Distributed Engine

Duration: 23 minutes


Learn how to configure IBM Security Secret Server groups, roles, permissions, user management, user preferences, and Admin settings.

In this course, you learn about common methods used to troubleshoot basic configurations, such as troubleshooting Active Directory sync, integrated Windows authentication,  and user access and permissions.  You will also walk through using logs and diagnostics.


Secrets are individually named sets of sensitive information created from Secret templates. 

In this series of videos, you will learn about troubleshooting key areas, such as templates, plugins, inactive Secrets, searching Secrets, and unlimited administration mode.

Secrets are individually named sets of sensitive information created from Secret templates.  In this course, you will learn how to create and customize Secrets in IBM Security Secret Server.


In this course, you learn the best practices for securing your IBM Security Secret Server instance.  Practices include: assigning roles, two-factor authentication, and securing encryption keys.

In this Open Mic, how to use the Certificate Management Tools of IBM Security SiteProtector™ System are are explained in detail.  This session also provides advice on how to troubleshoot any problems that arise.

The IBM Security Trusteer Fraud Protection Suite offers a simplified approach to fraud management to help financial organizations more accurately identify and prevent fraud - all while helping to lower costs and improve the end user experience.

IBM® Security Trusteer® Pinpoint™ Detect can analyze evidence based risk indicators in real-time to help detect fraud, while helping significantly reduce false positives. Based on the real-time profile risk level, Pinpoint Detect applies the necessary policy to stop cybercriminals in their tracks, all without impacting the end-user's experience.

Join Mike Riches, Jeroen Tiggelman, Guus Bonnes, Jamie Pease and Rob van Hoboken from the IBM Security zSecure Support team, as they discusses zSecure Alert: What, Why, Where and How.

IBM Trusteer’s behavioral biometrics capability helps understand how users interact with online banking websites. This technology can understand subtle mouse movements and clicks in context and meaning, helping to detect anomalous patterns, and thwart unauthorized account accesses – all while preserving the online user experience.

Come learn how IBM Trusteer is a leading provider of advanced financial fraud protection solutions offering technology that delivers a holistic cybercrime prevention platform that helps protect organizations against financial fraud. IBM Trusteer solutions helps financial institutions protect their digital banking applications as well as personal devices from financial cyber threats, such as advanced malware and phishing attacks.

IBM® Trusteer Pinpoint™ Detect now incorporates behavioral biometrics capabilities, patented analytics and machine learning for real-time cognitive fraud detection. Behavioral biometrics incorporates the use of machine learning to help understand how users interact with banking websites. The technology can understand subtle mouse movements and clicks in context and meaning while becoming increasingly more accurate over time — making it harder for fraudsters to circumvent.

Understand the latest threats with an in-depth analysis tailored to your organization or geography, showing which malware families are targeting your online banking websites and applications. Learn more by watching this video.

NEW

This video demonstrates how to use the IBM Verify mobile app for password-less login and multiple factor authentication, using biometrics.

This video provides details on the use of multi-factor authentication (MFA) in order to provision a user for the Timed One Token Password (TOTP) factor. You will learn how to provision a user with:

  • IBM Verify
  • Google Authenticator
{GENERICO:type="hints",style="Information",text="IBM® Multi-Factor Authentication for z/OS®, which is referred to in this document as IBM MFA, provides alternate authentication mechanisms for z/OS networks that are used in conjunction with RSA SecurID-based authentication systems, Apple Touch ID devices, and certificate authentication options such as PIV/CAC cards. IBM MFA allows RACF to use alternate authentication mechanisms in place of the standard z/OS password."}{GENERICO:type="hints_end"}

Duration: 12 minutes

Cette vidéo décrit l'installation du programme Microsoft SQL Server 2016 (la version Express), pour l'utilisation avec IBM i2 iBase.

Depuis la version 2016, le programme SQL Server Management Studio n'est plus intégré à SQL Server, il faut donc l'installer séparément.

Ces vidéos vous montrent les nouvelles fonctionnalités pour les Notebook D'analyste 9.1.1 et iBase 8.9.13.

Comment savoir qui est connecté à une base de données IBM i2 iBase ?

Dans certains cas, iBase Designer ne permet pas d'ouvrir une base iBase, car cette base est déjà ouverte par un autre programme.

Cette vidéo présente 2 méthodes pour savoir qui est connecté à une base iBase.

La première méthode est avec une simple requête SQL Server, à lancer depuis le programme Microsoft SQL Server Management Studio :

  • SELECT DN_NAME(dbid) as DBName, program_name, hostoname, nt_username, loginame
  • FROM sys.sysprocesses
  • WHERE DN_NAME(dbid) not in (‘master', ‘msdb‘, ‘tempdb‘)
  • AND DN_NAME(dbid) not like ‘%_Log‘

La seconde méthode utilise un petit programme gratuit qui a été développé par l'équipe IBM Support i2 en France. Contactez par mail l'équipe support pour obtenir ce programme.

Comment enregistrer un graphe ANB (IBM i2 Analyst's Notebook) en tant qu'image.

Vous pouvez enregistrer uniquement la partie visible d'un graphe, ou le graphe complet.

Description de la fonction "Enregistrements Concordants" d'iBase (depuis le programme IBM i2 Analyst's Notebook).

Cette fonction vous permet de vérifier si, par rapport à une entité iBase sur un graphe ANB, il existe d'autres entités qui partagent plusieurs caractéristiques.

Par exemple, est-ce qu'il y a des personnes avec le même nom, la même date de naissance, mais un prénom différent. Ou le même nom, le même prénom, mais une date de naissance différente.

Présentation de l'onglet "Options" dans le panneau "Source de Données" (ou panneau iBase), dans le programme IBM i2 Analyst's Notebook (ANB).

Cet onglet propose plusieurs options qui vous permettent de définir :

  • quelle action doit être effectuée lors d'un double sur une entité (affichage des informations ou étendre)
  • les valeurs par défaut des champs standards
  • le fait que les entités de départ soient sélectionnées ou non
  • la réorganisation ou pas des entités initiales, suite à un Etendre

Présentation de la fonction d'iBase "Ouvrir les Liens Hypertextes", accessible depuis le programme IBM i2 Analyst's Notebook (ANB).

Cette fonction présente le ou les liens Hypertextes qui ont été définis pour une ou plusieurs entités.

Cette vidéo présente comment maximiser la taille des graphes sur le programme IBM i2 Analyst's Notebook.

Elle montre comment vous pouvez :

  • Cacher les Panneaux
  • Cacher le Ruban
  • Passer en mode Plein écran

Elle montre aussi comment utiliser 2 écrans (ou plus) pour placer certains panneaux sur les autres écrans, afin d'avoir un graphe le plus grand possible.

In this video, you will learn about the i2 Analyst's Notebook capability that allows you to drag charts or drag chart items.

Time: 1 minute

La suite de l'analyse de données d'exemples.

Ces données correspondent aux contrôles de véhicules dans la ville de Minneapolis, aux USA, en 2017.

La première partie de cette vidéo expliquait comment importer les données du fichier CSV sur le graphe Analyst's Notebook (ANB).

L'utilisation de la fonction Clichés dans le programme IBM i2 Analyst's Notebook.

Les Clichés vous permettent de suivre l'évolution de la création d'un graphe, en prenant un "cliché" pour les différentes étapes importantes de la création du graphe.

Présentation des fonctions Grouper et Dégrouper du programme IBM i2 Analyst's Notebook. Ces 2 fonctions sont dans le menu "Réorganiser" du Ruban.

Présentation de la fonction Panneau d’aperçu du programme IBM i2 Analyst's Notebook (ANB).

Cette fonction permet d'avoir, dans un petit panneau, une vision globale du graphe, et de savoir où on se situe sur le graphe.

Elle permet aussi de se déplacer rapidement sur le graphe, et de changer le niveau de zoom (de 1 à 400%).

This video provides an introduction to the IBM i2 Analyst's Notebook activity view. When you add items to the Activity View, any temporal data that is associated with them is represented as activity indicators on the item timeline. The activity indicators provide a different view of the data, allowing greater visibility and comparison.

This video provides an introduction to IBM i2 Analyst's Notebook conditional formatting feature. Conditional formatting is a process of defining and applying rules to change the chart items appearance automatically based on the item properties.

These videos provide you with an introduction to merging entities and links, and, combining attributes.

  • It is useful to merge entities when you identify two or more entities on your chart that represent the same real-world object. For example, you might incorporate data into your chart from a source that uses different naming conventions or you might discover that several people on your chart are the same person with different aliases.
  • It is useful to merge links when you have several links between two entities that represent a number of events and you want to represent them as a single link. For example, you might want to represent several transactions from one bank account to another as a single link that indicates the total amount that is transferred.
  • in the case of attributes, if you add data from two data sources, the different sources might use different attribute classes to denote the same information. You can combine these two classes into a single attribute class.
  • This video will discuss semantic types and the role they play in searching and analysis in Analyst’s Notebook.

    This video explains how to open, close, hide, move and resize Analyst's Notebook task panes.

    Objective

    • Learn how to use the new ribbon navigation which is part of i2 Analyst's Notebook version 9.0.0

    Duration

    12 minutes

    Suite de la présentation des différentes options de la fonction Etendre d'iBase dans le programme IBM i2 Analyst's Notebook (ANB).

    Cette vidéo est dédiée à l'option "Multiplicité de connexion", qui permet de choisir entre "Unique", "Dirigée", ou "Multiple".

    Description des différentes options de la fonction Etendre sur le programme IBM i2 Analyst's Notebook (ANB), sur une base i2 ibase.

    Les 7 options sont :

    • Profondeur
    • Libellé des liens
    • Multiplicité des liens
    • Filtres sur les types d'entités et/ou les types de liens
    • Style de représentation - Inclure les liens connectés
    • Inclure les voisins communs

    Comment utiliser les différentes options de la fonction Etendre, depuis le programme IBM i2 Analyst's Notebook (ANB), vers une base de données i2 iBase.

    Les options présentées ici sont :

    • Niveau d'étendre (ou Niveau de profondeur)
    • Inclure les liens connectés
    • Inclure les voisins communs

    This course presents a series of videos dealing with data duplication on IBM Analyst's Notebook chart. The ways to resolve or working with the data duplication is using one of the many options within the i2 Analyst's Notebook application. These topics describe the following:

    • Provides the three kinds of duplicate data and how you might choose to resolve the duplication.
    • Describes how to handle the duplicate data when it is imported into i2 Analyst's Notebook.
    • Use the Find Matching Entities option,  which essentially means Fund Duplicate Entities in i2 Analyst's Notebook. The video describes how to use the Find Matching Entities option.
    • Describes how to use Smart Matching within i2 Analyst's Notebook to find matches in the data.
    • Provides an example of how to use the Smart Matching Against Selection option when searching for matching data.
    • Introduces using the Previously Linked Matches option to retrieve all the matches you previously found and linked.
    • Describes how to exclude two or more entities that are not duplicates. This prevents those matches from occurring in future Find Matching Entities searches.

    Overview: This course is a set of videos that provide an overview of ways to find a network within an i2 Analyst's Notebook chart.

    The topics for the four videos in this course are:

    • Find Linked Items
    • Find Path
    • Find Matching Entities
    • Find Networks

    Duration: 10 minutes

    This course is a set of videos that provide an overview of ways to find a network within an i2 Analyst's Notebook chart.

    The topics for the three videos in this course are:

    • Calculate Binding Strength
    • Find Clusters
    • Find Connecting Network

    In addition to access to records, you can also control access to features or types of command. To restrict access to features, you need to specify a command access control file.

    This is the seventh video in a series which walks you through the build of your first i2 Analyze connector creator configuration file.

    This video provides details on how to add an external datasource.

    To view the previous and next video in this series, go to Additional Resources below for the links.

    Duration

    3 minutes


    This is the eighth video in a series which walks you through the build of your first i2 Analyze connector creator configuration file.

    This video provides details how to set up the library element.

    To view the previous videos in this series, go to Additional Resources below for the links.

    Duration

    3 minutes


    In this course, you will learn about ingesting data into the i2 Analyze Information Store.  This covers how to populate staging tables, how to create a mapping file, as well as, how to run the data ingestion command.

    Data that is stored within IBM i2 Analyze is secured on a need to know basis. The security model allows you to determine the type of access groups of users will get.

    • Security Dimensions
    A security dimension is a way to categorize an i2 Analyze item, with the aim of using its categorization to determine what rights users receive. The security dimensions for any deployment of the platform are defined in the security schema for that deployment.

    • Security Levels
    A security level is a description of what a user is allowed to do to an item in i2 Analyze. User group membership determines what security level a user receives for any particular item.

    • Security Permissions
    In i2 Analyze, security permissions provide the link between the security dimension values that an item has, and the security levels that users receive. The platform calculates the access and grant rights of users according to the permissions of the user groups to which they belong.

    Example deployments of i2 Analyze have security schemas that allow the software to work, but are not suitable for production purposes. Before you go live, you must develop a security schema that meets the needs of your organization. An i2 Analyze security schema defines the security dimensions that exist in a deployment, and the dimension values that can be assigned to items and records. A security schema also defines the permissions that i2 Analyze users can receive.

    The IBM i2 Enterprise Insight Analysis i2 Connect capability enables analysts to search for and retrieve data from external data sources using the Opal quick search functionality, and then analyze the results on a chart in Analyst's Notebook Premium. To use i2 Connect, you must obtain or create a custom connector to the external data source that you want to search.

    This video demonstration shows the threat hunting capabilities of IBM i2 Enterprise Insight Analysis.

    As part of an IBM i2 Analyze deployment, a Connector Creator provides a mechanism for providing users with access to external data. The external data becomes available in the Intelligence Portal in a new tab that users can select and interact with as well as customize. This lab will introduce you to the Connector Creator, its components, and the installation process.

    In this course, you will deploy IBM i2 Analyze, which is part of the Enterprise Insight Analysis (EIA) solution. i2 Analyze provides the collaboration and search services in EIA.  You will create an example Opal deployment that includes the Information Store that is connected to use the i2 Analyze Opal services. After you deploy the Information Store, you can access the data that it contains by using Analyst's Notebook Premium (ANBP).  You will also learn to configure Quick Search and Visual Query.

    This video provides an overview of auditing for the information store and how to deploy it.

    In this six-part video series, you will be introduced to the key components and installation of the software needed to build an IBM i2 Enterprise Insight Analysis (EIA) environment:

    • IBM i2 EIA Installation Overview
    • IBM Installation Manager
    • IBM i2 Enterprise Insight Analysis
    • IBM HTTP Server and WebSphere plugins
    • IBM DB2 Server
    • IBM i2 Analyst's Notebook Premium

    This video provides an introduction to the i2 Enterprise Insight Analysis cybersecurity threat hunting capabilities.

    The web client is licensed as a part of the IBM i2 Enterprise Insight Analysis Investigate Add On. The web client can be used to search the Information Store.

    This series of videos introduces key components and architecture of the Enterprise Insight Analysis (EIA) solution. 


    Installation du programme IBM i2 EIA (Enterprise Insight Analysis), version 2.2.0, en français.

    On installe d'abord le moteur de BdD IBM DB2, puis le programme IBM Installation Manager.

    On installe ensuite les prérequis pour EIA, puis EIA, puis Analyst's Notebook Premium V9.1.

    On réalise ensuite un déploiement basique (en version OPAL), puis on importe des données dans la base Information Store.

    On lance ensuite ANB-P, et on vérifie que l'on peut se connecter à EIA 2.2.0

    durée: 49 minutes

    Using the IBM i2 Analysts Notebook and IBM i2 Intelligence Analyst Portfolio, this video shows the identification and alarming of patterns that can help identify and cyber and fraudulent threats. 

    The two videos provide a walk-through on:

    • how to create a SQL view to import into IBM i2 iBase, and
    • how to import the SQL view into IBM i2 iBase

    In this video, you will learn how to move and restore an iBase SQL database from one server to another server. You will be using the IBM i2 iBase Designer to perform this move and restore.

    Ce petit outil gratuit (contacter le support IBM i2 pour l'obtenir) vous permet de trouver des similitudes entre des enregistrements dans une base IBM i2 ibase.

    Les similitudes se basent sur le fait que 2 valeurs diffèrent uniquement par une seule lettre, ou par 2 lettres inversées.

    Le résultat est présenté sous la forme d'un fichier CSV, qui peut ensuite être importé dans iBase sous la forme de liens Similaires.

    Cet outil gratuit (adressez-vous au support IBM i2 France) va vous permettre de trouver quels sont les couples d'entités qui ne sont pas reliées directement, mais qui ont un nombre important de voisins communs.

    Ceci peut être le signe que ces 2 entités se connaissent, ou ont un lien qui n'avait pas été trouvé jusqu'à présent.

    Cet outil ne fait que donner des propositions, c'est aux analystes de valider le fait que 2 entités sont ou pas reliées.

    Comment utiliser l'option "Suppression Logique" dans le programme IBM i2 iBase.

    Cette option vous permet de définir que les enregistrements (entités et liens) ne sont pas physiquement supprimés de la base de données, mais deviennent inaccessibles.

    Ceci est utile dans le cas où des données sont supprimées par erreur, car il est alors possible de récupérer ces données.

    Comment, dans le programme IBM i2 iBase Designer, créer un champ qui va afficher l'âge d'une personne (ou d'un événement) ?

    Cette vidéo explique comment utiliser un champ de type "Nombre calculé", qui prend comme paramètre la date de naissance d'une personne (ou toute autre date pour laquelle vous souhaitez avoir l'âge en années).

    Présentation de l'option Filtrer les types d'entités et les types de liens de la fonction Etendre d'iBase, depuis le programme IBM i2 Analyst's Notebook (ANB).

    Cette vidéo fait partie d'une série dédiée à la fonction Etendre d'iBase, dans i2 Analyst's Notebook.

    IBM® Security zSecure™ V2.3 suite helps:

    • Enhance mainframe security position to better demonstrate compliance with regulations.
    • Enhance real-time security intelligence analytics and alerts.
    • Enhance identity governance for the mainframe to:
      • Help organizations understand, control, and make business decisions that are related to user access.
      • Assess risks.
    • Secure cloud and mobile applications.
    • Utilize the inherent security advantages offered by mainframes that include pervasive encryption for enhanced data protection.

    IBM Identity Governance and Intelligence is unique among identity governance tools in basing access recertification and SoD detection on conflicting business activities rather than application permissions.

    The business activities approach uses plain English rather than arcane IT terminology to make sure the requester, approver and risk managers easily understand the access being requested and the risk it implies.

    This video shows how to provision and manage temporary accounts in IBM Identity Governance and Intelligence.

    Overview

    Certification campaigns are a formal process that automates the periodic review of a relationship, and enables critical access decisions by nontechnical line-of-business managers.

    This video shows how administrators configure certification campaigns to satisfy the company's business needs, and how business users (campaign reviewers and supervisors) operate and interact during a certification campaign.

    This Identity Governance Clustering and High Availability Open Mic webcast was broadcast on 14-July-2017

    Agenda:

    • Overview and Architecture
    • Virtual Appliance setup and configuration
    • Front-end: Web Load Balancer
    • Back-end: DB2
    • Back-end: IBM Security Directory Server

    Goal:

    • Provide guidelines about how to set up clustering and high availability in IBM Identity Governance and Intelligence, presenting a sample solution by Virtual Appliance, front-end and back-end points of view.


    Overview: This course demonstrates how to use IBM Identity Governance and Intelligence to manage user accounts and support data, such as Groups, Folders, and Secrets on the Secret Server solution.

    The first part of the video focuses on creating and configuring an Enterprise Connector between IGI and Secret Server, while the second part demonstrates some relevant integration features, like user account creation, entitlement management, groups, folders, and secret shares management.


    Overview

    This course demonstrates how to use IBM Identity Governance and Intelligence to manage users, and user accounts, on the CyberArk Privileged Account Security server.

    The first part of the course focuses on installing the adapter and configuring a connection with a CyberArk server, while the second part demonstrates some relevant adapter features, like user and account creation, entitlement management, account suspension, password change, and finally, user deletion.

    Overview

    IBM Security Identity Governance and Intelligence (IGI), is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers line-of-business (LOB) managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

    Objectives
    This lab provides a brief tour of the available applications to help you become familiar with the IGI user interface.

    • Tour of the Administration Console
    • Tour of the Service Center
    • Access Governance Core
    • Managing the exchange of data
      • Loading data by using the Bulk Data Load tools
      • Loading data by using the Enterprise Connectors
    • Role lifecycle management
      • Exploring roles
      • Exploring role mining
    • Access risk control modeling
    • Certification campaigns
    • Reporting
    • Automating tasks
    • Tour of the Virtual Appliance console

    Overview: The Identity Governance and Intelligence, or IGI, Rules Development Toolkit is a project for the Eclipse Java IDE, designed to assist the IGI administrator in developing and troubleshooting Java rules for IGI.

    This video demonstrates how to download, install, execute and use the IGI Rules Development Toolkit.

    The IBM Identity Governance and Intelligence Virtual Appliance is an appliance-based solution that delivers the Identity Governance and Intelligence application.

    This video demonstrates how you can install the Identity Governance and Intelligence Virtual Appliance, and perform the initial configurations.

    This video shows how you can monitor the main resources of the IBM Identity Governance and Intelligence (IGI) Virtual Appliance, and demonstrates how you can investigate and troubleshoot issues.

    The first part of the video demonstrates the usage of the widgets on the main Virtual Appliance Dashboard, and the Monitoring menu facilities that you can use to monitor the memory, CPU, and storage used by the IGI Virtual Appliance. The video also shows how you can monitor the IGI Virtual Appliance remotely from any SNMP monitoring application, accessing to hundreds of status variables.

    The second part of the video demonstrates how you can configure an appropriate log level to capture enough logging messages and access specific log files. The video then demonstrates how we can create and download the Support File, a single package that captures all the log files at once, after an issue occurred or after having successfully recreated an issue to troubleshoot. The Support Files captures logs from both the Virtual Appliance and the Identity Governance application, and it is ultimately required and used by IBM Support to assist in troubleshooting issues.


    This video is an overview of the IBM Identity Governance and Intelligence Virtual Appliance, and demonstrates how configure the main appliance parameters using the Command Line Interface and the Virtual Appliance console.

    The Command Line Interface is particularly useful during the early stages of an installation, when the application has not been deployed yet, or to troubleshoot any condition that prevents you from accessing the graphical Virtual Appliance console. In the first part of the video we demonstrate how to use the Command Line Interface to move across menus, work with Virtual Appliance partitions, check fix packs installed, configure the main network parameters, and test the main connection parameters.

     We also demonstrate how to use the Virtual Appliance graphical console for the initial configuration and basic maintenance. We show how to configure the connection to an external database server, install a fix pack, and configure the NTP protocol to synchronize time among all components of the Identity Governance solution.

    Overview

    In the IGI data model, an entitlement identifies a structured set of permissions. These permissions are assigned to a user to allow access to the resources of an organization.

    Permissions, IT roles, business roles, and external roles are collectively referred to as entitlements.
    Entitlements are structured in a hierarchy. This lab will teach you how roles are created and managed in IGI.

    Objectives
    • Role definition
      • Creating a new role
      • Adding entitlements to a role
      • Publish the new role
      • Add scope to the new role
      • Assign the role to a user
      • Verify success
    • Role consolidation
      • Observing and consolidating existing entitlements
      • Analyze the new role for impact and risk
      • Publish the new role
      • Add scope to the new role
      • Consolidate the new role
      • Verify success
    • Role mining
      • Prepare for the role mining process
      • Create a data snapshot for data exploration
      • Review the analysis for potential roles
      • Use role mining to discover a new role
      • Analyze the discovered roles
      • Release the role to Access Governance Core
      • Publish the new role

    This XGS video demonstrates how to control user access to the network resources.