Course Search Results

Found 220 courses tagged with "language_fr".

Comment rechercher des informations dans une base de données IBM i2 iBase à partir du programme ANB (IBM i2 Analyst's Notebook).

Cette vidéo présente les options de recherche avancée, avec l'utilisation de requêtes.

Durée: 27 minutes

Comment créer un modèle de base de données iBase (de la société IBM i2) au format IDT.
Les modèles de bases IDT contiennent la structure d'une base iBase (avec les structures des types d'entités et de liens, les requêtes, les spécifications d'importation et d'exportation, les Attributs...)
A partir des fichiers IDT, vous pouvez créer une nouvelle base de données depuis IBM i2 iBase Designer ou depuis IBM i2 iBase Utilisateur.


Présentation de l'interface "en Ruban" du programme IBM i2 Analyst's Notebook (ANB). Cette interface a été mise en place depuis la version 9.0 d'ANB.

Cette vidéo explique comment l'utiliser, et comment la cacher pour qu'elle prenne moins de place.

Temps: 3 minutes

Overview
IBM Security Identity Governance and Intelligence, or simply IGI, is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers Line of Business managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

This lab provides a real business user experience. You imitate a day in the life of a Line of Business manager, who uses IGI to manage accesses for his team members.

Feel free to explore each of the applications in depth and work with the data in any way you like. This is a live and fully functional Identity Governance environment, with many sample user records, roles, and risk definitions.

The Identity Governance and Intelligence user interface is divided into two areas. The Administration Console is reserved for administrators, while the Service Center is where the applications for business users are contained. In this lab we use the Service Center only.

Objectives

  • Overview of the Service Center
  • Working on pending requests
    • Submitting a request
    • Evaluating, approving or rejecting requests as a user manager
    • Verifying the new role
  • Requesting roles for team members
    • Requesting a role for a team member
    • Evaluating and approving requests
    • Verifying the new role
  • Certification campaigns
    • Evaluating running certification campaigns
    • Redirecting evaluation to another reviewer
    • Tracking progresses
    • Generating certification campaign reports

Overview

The Resilient Incident Response Platform makes incident response efficient and compliant utilizing a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.


Duration: 2 minutes

Closed captions: English, French, German, Spanish and Japanese


In this demonstration, you learn how to set up Android Enterprise device owner mode in MaaS360. Device owner mode applies to the entire device; whereas, profile owner mode has separate work and personal profiles on one device.

In this video, you learn how to integrate and approve apps from Google Play for Work in the MaaS360 App Catalog and distribute them to Android Enterprise devices.

This video is a technical demonstration in which IBM Resilient and Carbon Black Response detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Duration: 13 minutes
Closed captions: English, French, German, Spanish and Japanese

Overview

This course covers 4 common scenarios that demonstration of how the Resilient Incident Response Platform can be used to

  • Automate the escalation and collection of data
  • Manage a ransomware attack
  • Deal with a data breach involving an inside actor
  • Accelerate your Response to Phishing Attacks
Closed captions: English, French, German, Spanish and Japanese

Overview

You can configure the Resilient platform to send audit log messages to the Resilient client.log file and to Syslog, if you have set up and configured Syslog. This video will show you how easy it is to set up.

Closed captions: English, French, German, Spanish and Japanese

Overview:

This course demonstrates how to configure SMTP notifications for IBM Resilient. Resilient sends email notifications to users for various purposes and Resilient must use an SMTP server to send these messages.


Closed captions: English, French, German, Spanish and Japanese

Overview

This video demonstrates how to configure syslog to run on an IBM Resilient server.


Closed captions: English, French, German, Spanish and Japanese

Overview

This video shows examples of creating graphs of incidents over time on the Resilient Analytics dashboard, including

  • Graph incidents by severity
  • Graph time to close by severity
  • Average time to close by severity over time
  • Average time to close by type

The video closes by demonstrating some other examples of graphs:

  • The number of incidents created per month for each user
  • The number of incidents created per month per city
  • Top trend incident category in last 90 days
  • Open incident by severity in last 30 days
  • Top incident category in last 30 days
  • Incident by type in last 90 days
Closed captions: English, French, German, Spanish and Japanese

WinCollect is a syslog event forwarder that collects Windows-based events from local and remote Windows-based systems and sends them to QRadar for processing and storage. In this video you learn about the two different WinCollect deployment models and how to manage them.

Using the table of contents menu in the video you can navigate to each one of these topics individually, or you can explore the content altogether:

  • WinCollect overview
  • WinCollect deployment models
  • Installing and configuring a managed deployment
  • Generating an authentication token
  • WinCollect agent GUI installation
  • WinCollect agent command line installation
  • Upgrading all WinCollect agents to V7.2.8
  • Troubleshooting a faulty WinCollect installation


With indicators of compromise or concern, you specify which activities you consider suspicious. Derive indicators from threat modeling while considering which kind of data QRadar SIEM can use to test for indicators. This course addresses the following topics:

  • Getting started with threat modeling
  • Using observables for indicators
  • Using context for indicators
  • Using external data for indicators 


Overview

Resilient Incident Response Platform is a central hub for incident responses that helps make incident response efficient and compliant. The platform is based on a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.

Objectives

  • Learn the value of IBM Resilient
  • Review the introduction video to the IBM Resilient platform
  • Learn the IBM Resilient Platform architecture
  • Learn about necessary prerequisites
  • Review the installation process
  • Describe the value of dynamic playbooks
Closed captions: English, French, German, Spanish and Japanese

Listen to one of MaaS360's subject matter experts quickly walk you through how to configure  MaaS360  for unified endpoint management (UEM). You will learn the key components to get you started managing all of your devices.

In this video, you learn how coalescing works in IBM QRadar. 

In this video, you learn how to configure, use, and monitor shared privileged accounts using PIM V2.1. You first set up shared credentials, credential pools, shared access policies and approval workflow. Then, you use the shared credentials and the privileged session recorder playback console.

Use the QRadar Experience Center App to learn about the QRadar capabilities, simulate common threats, work with log samples in real time, and learn how to analyze your logs. The QRadar Experience Center App is designed for educational purposes, and its menu includes useful videos, links, an FAQ section, and more. 

In this video, you learn how to navigate the Experience Center App.

The server discovery function uses the Asset Profile database to discover different server types that are based on port definitions. Then, you can select the servers to add to a server-type building block for rules. 

The server discovery function is based on server-type building blocks. Ports are used to define the server type. Thus, the server-type building block works as a port-based filter when you search the Asset Profile database.

Using properly defined servers and host definition building blocks will allow for improved QRadar tuning, and to avoid false positives.

In this video, you learn how to perform server discovery and manage host definition building blocks.


This video discusses the HTTP transformation rules with IBM Access Manager. Topics covered include what are transformation rules, how they are configured, and, how to troubleshoot the rules. In addition, information on how to download example rules is included. 

This video describes the whys and wherefores of Identity Governance, starting with the "pain chain" of the gaps between auditors, business managers and IT when it comes to answering the question, "does an employee have the proper access privileges to perform duties per our company's policy?" The video explains key capabilities such as access certification, role mining and modeling, separation of duties and access risk analytics. These capabilities are provided by IBM Identity Governance. The video concludes with a role play of a company that's failed an audit and must address that failure within a 6 month window.

IGI leverages on the Enterprise Connectors application to align its data with the peripheral target systems.

This course demonstrates how to achieve data alignment between the centralized database of IBM Security Identity Governance, and peripheral target systems. The first part of the video focuses on configuring a connection with a peripheral target system, while the second part demonstrates account creation and removal on a remote Active Directory domain.

Dans ce module de formation, vous allez apprendre à intégrer MaaS360 avec des ressources situées derrière le pare-feu, en utilisant le module Mobile Enterprise Gateway de Cloud Extender.

Sommaire:

    Leçon 1: Cas d’utilisation, architecture et planification
    Leçon 2: Activer et configurer le module Mobile Enterprise Gateway
    Leçon 3: Configurer les paramètres de politique et les sources de contenu

À la fin de ce module, vous pourrez expliquer les cas d’utilisation, l’architecture et la planification du module User Visibility de Cloud Extender. Vous saurez également activer et configurer le module User Visibility.

  • Leçon 1 Cas d’utilisation, architecture et planification
  • Leçon 2 Activation et configuration de User Visibility

Aperçu

Dans ce cours, vous allez apprendre à utiliser MaaS360 pour gérer et sécuriser les applications mobiles de votre entreprise.


Language: French français

Aperçu

Ce module contient des informations sur plusieurs composants de la MaaS360 Productivity Suite.  Il peut vous aider à comprendre comment protéger du contenu d’entreprise sur les appareils de votre organisation.


Language: French français

Aperçu

Ce cours décrit les fonctions et possibilités essentielles et l’architecture d’IBM MaaS360. Vous y verrez également les activités de planification de votre déploiement du produit.

Language: French  français

Aperçu.

Dans ce module, vous apprenez à installer et configurer MaaS360 afin de gérer des appareils mobiles.


Language: French  français

Aperçu

Dans ce module, vous apprenez à installer et configurer MaaS360 afin de gérer des appareils mobiles.


Language: French français


Aperçu

Dans ce module, vous allez apprendre à effectuer les tâches courantes d’exploitation et de résolution
des problèmes dans MaaS360, à activer et utiliser le portail des utilisateurs finals, et à répondre aux
questions les plus fréquentes concernant le logiciel.


Language: French français

Aperçu

Dans ce module de formation, vous allez apprendre à intégrer MaaS360 avec des services d’annuaire d’entreprise de type Active Directory et LDAP afin de tirer parti de votre infrastructure d’authentification existante.

Language: French, français

Aperçu

Dans ce module, vous allez découvrir l’architecture générale de MaaS360 pour l’intégration dans l’entreprise, comment Cloud Extender et ses modules s’y intègrent, et les fonctions de chaque module Cloud Extender.


Language: French français

This course provides an overview of IBM QRadar DNS Analyzer, which provides insights into your local DNS traffic by identifying malicious activity, and allowing your security team to detect Domain Generated Algorithm (DGA), tunneling, or squatting domains that are accessed from within your network. The DNS Analyzer also provides options to filter any domains using blacklists and whitelists.

The video defines prerequisites, and provides an architecture overview explaining how the application is integrated with IBM QRadar SIEM and IBM X-Force Exchange.

Utilizing QNI flows, or logs with domain information from other devices, such as DNS servers, proxies, Apache web servers, or other BIND compatible devices, you can detect and monitor outbound network traffic to potentially malicious sites. With the DNS Analyzer dashboard and drill down capabilities, your team can identify DNS trends and investigate activity such as squatting attempts.

The application is also integrated with the IBM QRadar Pulse and IBM QRadar User Behavior Analytics app.



Cette vidéo décrit l'installation du programme Microsoft SQL Server 2016 (la version Express), pour l'utilisation avec IBM i2 iBase.

Depuis la version 2016, le programme SQL Server Management Studio n'est plus intégré à SQL Server, il faut donc l'installer séparément.

Ces vidéos vous montrent les nouvelles fonctionnalités pour les Notebook D'analyste 9.1.1 et iBase 8.9.13.

Comment savoir qui est connecté à une base de données IBM i2 iBase ?

Dans certains cas, iBase Designer ne permet pas d'ouvrir une base iBase, car cette base est déjà ouverte par un autre programme.

Cette vidéo présente 2 méthodes pour savoir qui est connecté à une base iBase.

La première méthode est avec une simple requête SQL Server, à lancer depuis le programme Microsoft SQL Server Management Studio :

  • SELECT DN_NAME(dbid) as DBName, program_name, hostoname, nt_username, loginame
  • FROM sys.sysprocesses
  • WHERE DN_NAME(dbid) not in (‘master', ‘msdb‘, ‘tempdb‘)
  • AND DN_NAME(dbid) not like ‘%_Log‘

La seconde méthode utilise un petit programme gratuit qui a été développé par l'équipe IBM Support i2 en France. Contactez par mail l'équipe support pour obtenir ce programme.

Comment enregistrer un graphe ANB (IBM i2 Analyst's Notebook) en tant qu'image.

Vous pouvez enregistrer uniquement la partie visible d'un graphe, ou le graphe complet.

Description de la fonction "Enregistrements Concordants" d'iBase (depuis le programme IBM i2 Analyst's Notebook).

Cette fonction vous permet de vérifier si, par rapport à une entité iBase sur un graphe ANB, il existe d'autres entités qui partagent plusieurs caractéristiques.

Par exemple, est-ce qu'il y a des personnes avec le même nom, la même date de naissance, mais un prénom différent. Ou le même nom, le même prénom, mais une date de naissance différente.

Présentation de l'onglet "Options" dans le panneau "Source de Données" (ou panneau iBase), dans le programme IBM i2 Analyst's Notebook (ANB).

Cet onglet propose plusieurs options qui vous permettent de définir :

  • quelle action doit être effectuée lors d'un double sur une entité (affichage des informations ou étendre)
  • les valeurs par défaut des champs standards
  • le fait que les entités de départ soient sélectionnées ou non
  • la réorganisation ou pas des entités initiales, suite à un Etendre

Présentation de la fonction d'iBase "Ouvrir les Liens Hypertextes", accessible depuis le programme IBM i2 Analyst's Notebook (ANB).

Cette fonction présente le ou les liens Hypertextes qui ont été définis pour une ou plusieurs entités.

Cette vidéo présente comment maximiser la taille des graphes sur le programme IBM i2 Analyst's Notebook.

Elle montre comment vous pouvez :

  • Cacher les Panneaux
  • Cacher le Ruban
  • Passer en mode Plein écran

Elle montre aussi comment utiliser 2 écrans (ou plus) pour placer certains panneaux sur les autres écrans, afin d'avoir un graphe le plus grand possible.

La suite de l'analyse de données d'exemples.

Ces données correspondent aux contrôles de véhicules dans la ville de Minneapolis, aux USA, en 2017.

La première partie de cette vidéo expliquait comment importer les données du fichier CSV sur le graphe Analyst's Notebook (ANB).

L'utilisation de la fonction Clichés dans le programme IBM i2 Analyst's Notebook.

Les Clichés vous permettent de suivre l'évolution de la création d'un graphe, en prenant un "cliché" pour les différentes étapes importantes de la création du graphe.

Présentation des fonctions Grouper et Dégrouper du programme IBM i2 Analyst's Notebook. Ces 2 fonctions sont dans le menu "Réorganiser" du Ruban.

Présentation de la fonction Panneau d’aperçu du programme IBM i2 Analyst's Notebook (ANB).

Cette fonction permet d'avoir, dans un petit panneau, une vision globale du graphe, et de savoir où on se situe sur le graphe.

Elle permet aussi de se déplacer rapidement sur le graphe, et de changer le niveau de zoom (de 1 à 400%).

These videos provide you with an introduction to merging entities and links, and, combining attributes.

  • It is useful to merge entities when you identify two or more entities on your chart that represent the same real-world object. For example, you might incorporate data into your chart from a source that uses different naming conventions or you might discover that several people on your chart are the same person with different aliases.
  • It is useful to merge links when you have several links between two entities that represent a number of events and you want to represent them as a single link. For example, you might want to represent several transactions from one bank account to another as a single link that indicates the total amount that is transferred.
  • in the case of attributes, if you add data from two data sources, the different sources might use different attribute classes to denote the same information. You can combine these two classes into a single attribute class.
  • Objective

    • Learn how to use the new ribbon navigation which is part of i2 Analyst's Notebook version 9.0.0

    Duration

    12 minutes

    Suite de la présentation des différentes options de la fonction Etendre d'iBase dans le programme IBM i2 Analyst's Notebook (ANB).

    Cette vidéo est dédiée à l'option "Multiplicité de connexion", qui permet de choisir entre "Unique", "Dirigée", ou "Multiple".

    Description des différentes options de la fonction Etendre sur le programme IBM i2 Analyst's Notebook (ANB), sur une base i2 ibase.

    Les 7 options sont :

    • Profondeur
    • Libellé des liens
    • Multiplicité des liens
    • Filtres sur les types d'entités et/ou les types de liens
    • Style de représentation - Inclure les liens connectés
    • Inclure les voisins communs

    Comment utiliser les différentes options de la fonction Etendre, depuis le programme IBM i2 Analyst's Notebook (ANB), vers une base de données i2 iBase.

    Les options présentées ici sont :

    • Niveau d'étendre (ou Niveau de profondeur)
    • Inclure les liens connectés
    • Inclure les voisins communs

    This course presents a series of videos dealing with data duplication on IBM Analyst's Notebook chart. The ways to resolve or working with the data duplication is using one of the many options within the i2 Analyst's Notebook application. These topics describe the following:

    • Provides the three kinds of duplicate data and how you might choose to resolve the duplication.
    • Describes how to handle the duplicate data when it is imported into i2 Analyst's Notebook.
    • Use the Find Matching Entities option,  which essentially means Fund Duplicate Entities in i2 Analyst's Notebook. The video describes how to use the Find Matching Entities option.
    • Describes how to use Smart Matching within i2 Analyst's Notebook to find matches in the data.
    • Provides an example of how to use the Smart Matching Against Selection option when searching for matching data.
    • Introduces using the Previously Linked Matches option to retrieve all the matches you previously found and linked.
    • Describes how to exclude two or more entities that are not duplicates. This prevents those matches from occurring in future Find Matching Entities searches.

    Installation du programme IBM i2 EIA (Enterprise Insight Analysis), version 2.2.0, en français.

    On installe d'abord le moteur de BdD IBM DB2, puis le programme IBM Installation Manager.

    On installe ensuite les prérequis pour EIA, puis EIA, puis Analyst's Notebook Premium V9.1.

    On réalise ensuite un déploiement basique (en version OPAL), puis on importe des données dans la base Information Store.

    On lance ensuite ANB-P, et on vérifie que l'on peut se connecter à EIA 2.2.0

    durée: 49 minutes

    Ce petit outil gratuit (contacter le support IBM i2 pour l'obtenir) vous permet de trouver des similitudes entre des enregistrements dans une base IBM i2 ibase.

    Les similitudes se basent sur le fait que 2 valeurs diffèrent uniquement par une seule lettre, ou par 2 lettres inversées.

    Le résultat est présenté sous la forme d'un fichier CSV, qui peut ensuite être importé dans iBase sous la forme de liens Similaires.

    Cet outil gratuit (adressez-vous au support IBM i2 France) va vous permettre de trouver quels sont les couples d'entités qui ne sont pas reliées directement, mais qui ont un nombre important de voisins communs.

    Ceci peut être le signe que ces 2 entités se connaissent, ou ont un lien qui n'avait pas été trouvé jusqu'à présent.

    Cet outil ne fait que donner des propositions, c'est aux analystes de valider le fait que 2 entités sont ou pas reliées.

    Comment utiliser l'option "Suppression Logique" dans le programme IBM i2 iBase.

    Cette option vous permet de définir que les enregistrements (entités et liens) ne sont pas physiquement supprimés de la base de données, mais deviennent inaccessibles.

    Ceci est utile dans le cas où des données sont supprimées par erreur, car il est alors possible de récupérer ces données.

    Comment, dans le programme IBM i2 iBase Designer, créer un champ qui va afficher l'âge d'une personne (ou d'un événement) ?

    Cette vidéo explique comment utiliser un champ de type "Nombre calculé", qui prend comme paramètre la date de naissance d'une personne (ou toute autre date pour laquelle vous souhaitez avoir l'âge en années).

    Présentation de l'option Filtrer les types d'entités et les types de liens de la fonction Etendre d'iBase, depuis le programme IBM i2 Analyst's Notebook (ANB).

    Cette vidéo fait partie d'une série dédiée à la fonction Etendre d'iBase, dans i2 Analyst's Notebook.

    Overview

    Certification campaigns are a formal process that automates the periodic review of a relationship, and enables critical access decisions by nontechnical line-of-business managers.

    This video shows how administrators configure certification campaigns to satisfy the company's business needs, and how business users (campaign reviewers and supervisors) operate and interact during a certification campaign.

    Overview

    This course demonstrates how to use IBM Identity Governance and Intelligence to manage users, and user accounts, on the CyberArk Privileged Account Security server.

    The first part of the course focuses on installing the adapter and configuring a connection with a CyberArk server, while the second part demonstrates some relevant adapter features, like user and account creation, entitlement management, account suspension, password change, and finally, user deletion.

    NEW

    Overview

    IBM Security Identity Governance and Intelligence (IGI), is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers line-of-business (LOB) managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

    Objectives
    This lab provides a brief tour of the available applications to help you become familiar with the IGI user interface.

    • Tour of the Administration Console
    • Tour of the Service Center
    • Access Governance Core
    • Managing the exchange of data
      • Loading data by using the Bulk Data Load tools
      • Loading data by using the Enterprise Connectors
    • Role lifecycle management
      • Exploring roles
      • Exploring role mining
    • Access risk control modeling
    • Certification campaigns
    • Reporting
    • Automating tasks
    • Tour of the Virtual Appliance console

    Overview: The Identity Governance and Intelligence, or IGI, Rules Development Toolkit is a project for the Eclipse Java IDE, designed to assist the IGI administrator in developing and troubleshooting Java rules for IGI.

    This video demonstrates how to download, install, execute and use the IGI Rules Development Toolkit.

    THIS COURSE IS RETIRED!
    Visit the following course for the updated version:  IGI Overview

    Overview
    IBM Security Identity Governance and Intelligence (IGI), is an appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers line-of-business (LOB) managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

    Objectives
    This lab provides a brief tour of the available applications to help you become familiar with the IGI user interface.

    • Tour of the Administration Console
    • Tour of the Service Center
    • Access Governance Core
    • Managing the exchange of data
      • Loading data by using the Bulk Data Load tools
      • Loading data by using the Enterprise Connectors
    • Role lifecycle management
      • Exploring roles
      • Exploring role mining
    • Access risk control modeling
    • Certification campaigns
    • Reporting
    • Automating tasks
    • Tour of the Virtual Appliance console

    In this session presented live at Think 2018, we review the framework built to leverage IBM Security Access Manager (ISAM) REST APIs using Python/Ansible to fully automate all changes to ISAM. This provides an overview for new customers and assists those who are already leveraging this approach.

    Identity Governance & Intelligence Free 45-Day Trial

    This roadmap is designed to guide an IGI trial user through key administration and business user tasks such as role lifecycle management, managing SoD and other risks, running access certification campaigns and managing reports.

     

    Make sure to register for the free 45-day trial of Identity Governance & Intelligence on the product marketplace page.


    Overview

    This course shows you how to import the Resilient license, a necessary step before the Resilient platform can be used. There are two ways to accomplish this task, both of which are shown in the video.

    Agenda:

      • Transferring the Resilient license file
      • Importing the Resilient license file
      • Verifying the license import was successful
      • A second method of importing the license
      • Verifying the status of the Resilient license

      This course has been bookmarked to aide navigation and contains English language closed captions.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course contains 6 videos that cover various topics important to understand when installing and configuring the IBM Resilient Appliance.



      Agenda
      • Configuring SSL/TSL certificates
      • Importing the Resilient License Key
      • Updating the Resilient Appliance Software
      • Installing optional packages
      • Setting the time zoneSMTP Email configuration
      Closed captions: English, French, German, Spanish and Japanese

      Comment installer la version 8.9.12 du programme iBase.

      Le pré-requis "SQL Native Client" peut se trouver sur le site Microsoft.

      In this video, you will learn how to enable Android Enterprise using a free single-user Gmail account. This requires domain verification.
      Android Enterprise is a service that must be enabled in the MaaS360 portal. If you use an Android device platform, Google and IBM MaaS350 recommend that you use Android Enterprise for your deployment, as opposed to traditional Device Administrator-based deployments.

      You can integrate QRadar and threat intelligence from IBM X-Force Exchange to protect your organization against ransomware attacks. This video walks you through configuring threat data feeds from X-Force Exchange to monitor and detect ransomware outbreaks such as Petya or WannaCry.

      This video provides a brief demonstration of IBM Security Identity Manager (ISIM) v7.0.0.2 administration. It has three parts. The first part includes administrative tasks such as managing organizational structure, roles, users, services, policies, and approvals. The second part teaches you how to use ISIM as an end user to request an access and approve the request as a manager. The third part demonstrates Active Directory integration exercises.

      In this video, you will learn how you can set up federated directories to connect to your Active Directory, then enable native Kerberos Single Sign-On to allow IBM Access Manager to single sign on to Microsoft® systems.


      Stateful tests in rules, which are configured as local, are evaluated by the CRE instance that receives the events and flows. Stateful tests in rules, which are configured as global, are evaluated by the CRE instance on the Console. In this course you learn about both of these options, which allows you to make an informed decision on whether to configure a rule as local or global. This course addresses the following topics:

      • Configuring rules as local or global
      • Examining the effects on rules with only stateful tests
      • Examining the effects on rules with only stateless tests
      • Examining the effects on rules with both stateful and stateless tests
      • Examining the effects on rule responses
      • Considering pros and cons

      Overview

      The Resilient platform logs various client and server activity in log files, located in the following directory: /usr/share/co3/logs/ This video will show you how to configure logging on the Resilient platform.


      Duration: 4 minutes

      Closed captions: English, French, German, Spanish and Japanese


      In this video, you review how to use the DSM Editor to select a log source type, configure property parsing, and create new event categories and mapping. You also examine the new features of the QRadar DSM Editor, which are contained in the Configuration section. 

      This video focuses on the new features: log source autodetection and properties. These features are available with QRadar SIEM 7.3.2.


      IBM MaaS360 is a comprehensive mobile management and security solution for devices, applications, and content. In this module, you learn how to set up a MaaS360 organization account using the MaaS360 portal. You learn to navigate the portal and use portal workflows to complete account configuration and begin managing your mobile enterprise. Duration: 3 hr 40min (Lecture), 90 min (Exercises)



      IBM MaaS360 is a comprehensive mobile management and security solution for devices, applications, and content. In this module, you learn how to use MaaS360 to manage and secure the mobile apps for your enterprise.You learn how to build an enterprise app catalog using the MaaS360 portal and distribute the app catalog to mobile devices. Duration: 1hr 15min (Lecture), 1 hr (Exercises)

      Dans cette formation, vous allez découvrir le module Exchange ActiveSync Manager de Cloud Extender que vous pouvez intégrer aux environnements de courrier, soit sur le cloud (Microsoft Cloud), soit en local (Exchange). L’intégration au système de messagerie d’entreprise est une solution simple pour commencer à gérer les appareils connectés dans toute votre entreprise. Vous allez apprendre à utiliser cette intégration, à connaître ses exigences, et à obtenir des informations détaillées sur son implémentation.

      This video provides a broad overview of how you can use the MaaS360 Content Library to host and distribute documents to your end users. You learn how to add documents and folders to the MaaS360 Content Library.

      In the first part of this MaaS360 Unified Endpoint Management course series, you learn about enrolling iOS and Android devices, device policies, and distributing apps and documents to mobile devices.

      In the second part of this MaaS360 Unified Endpoint Management (UEM) course series, you learn about configuring container, or workplace persona policies, bulk enrollment workflows, and how you can integrate Active Directory with Cloud Extender.

      In the third part of this MaaS360 Unified Endpoint Management course series, you are introduced to  Artificial Intelligence (AI) insights in My Advisor with Watson and contextual analytics. Identity and access management, or Cloud Identity Connect (CIC) is explained as well as in depth details on the Cloud Extender Configuration Tool. 

      IBM MaaS360 is a comprehensive mobile management and security solution for devices, applications, and content. MaaS360 supports both single-customer organization accounts and multitenant hierarchy accounts. Hierarchy accounts enable IBM Business Partners to cobrand and manage the MaaS360 service for many tenants. This module provides an introduction to the MaaS360 multitenant architecture and supported hierarchies for various delivery models that can be exploited by service providers, resellers, and distributors. You learn how to set up a multitenant hierarchy account, navigate the portal using a hierarchy account, and provision and manage your tenants. Duration: 2 hours


      In this Open Mic session, Matthew Shaver shares MaaS360 enrollment tips, tricks, and best practices. You learn about the various enrollment types such as unique one-time passcodes, local user credentials, corporate Active Directory integration, and two-factor authentication. Enrolling devices using the web URL and Enroll On Behalf Of methods are also discussed. Use the table of contents to access the following topics in the presentation.

      In this demonstration, as a MaaS360 administrator, you learn how to add Android devices from the Quick Start, enroll them using a one-time passcode, and review them in Device Inventory. 

      This video shows how to add content and content sources to the MaaS360 Content Library that can be distributed by administrators and accessed by device users. This course contains German and French language closed captions.

      In this demonstration, as a MaaS360 administrator, you learn how to add iOS devices from the user directory, enroll them using a one-time passcode, and review them in Device Inventory.

      In this demonstration, you learn how to navigate the MaaS360 collaborative apps for mail, calendar, and contacts on an Android device.

      The previous version of this course contains French and German language closed captions.

      In this demonstration, you learn how to to set up the MaaS360 app catalog with Android for Work apps, and distribute them to devices. 

      This course contains German and French language closed captions.

      In this video you learn how to wrap an iOS and Android enterprise app with MaaS360 WorkPlace Persona policies. You test the DLP policies on the device.

      In this video you learn how to build an enterprise App catalog that can be distributed to devices.

      This course contains German and French language closed captions.

      In this video, you learn how to collect logs to send to IBM support for troubleshooting. You also learn how to enable and disable verbose logging.

      In this video, you learn how to collect logs from an iOS device to send to IBM Support for troubleshooting. You also learn how to enable and disable verbose logging.

      In this demonstration, you learn how to enable and configure User Visibility and User Authentication using the Cloud Extender Configuration Tool and the MaaS360 portal.  The advanced LDAP configuration for Active Directory is used to import users and groups, and to enable authentication using corporate credentials.

      This course contains German and French language closed captions.

      In this demonstration, you learn how to configure Gateway and Secure Browser settings in the WorkPlace Persona policy, configure Content Sources, and access Gateway integrated resources from a device. On the device, MaaS360 Docs and the Secure Browser are used to access resources.

      This course contains German and French language closed captions.

      In this demonstration, you learn how to set up the Apple Push Notification service (APNS) certificate that is required for MDM providers to manage Apple devices.

      In this video you learn how to clean up old device records from MaaS360 and mail servers.

      Apps can be distributed as they are added to the MaaS360 app catalog or afterwards to a specific device, group of devices, or all devices. This course demonstrates the various ways you can distribute apps to end-users. 

      This course contains German, French, Japanese, and English language closed captions.

      In this demonstration, you learn how to configure the Mobile Enterprise Gateway in relay mode on a standalone server for demonstration and evaluation purposes. Gateway clusters and direct mode settings are also reviewed to prepare you for a production implementation.

      This course contains German and French language closed captions.

      In this demonstration, you learn how to enroll an iOS device. This scenario demonstrates the iOS enrollment where an administrator generates a unique enrollment request with a one time passcode for a local user.

      In this video you learn how to integrate with G Suite for enterprise mail integration.

      In this demonstration, you walk through the installation of the Cloud Extender core and launch the Cloud Extender Configuration Utility. The demonstration assumes you already downloaded the Cloud Extender package and requested a license key. Review the how to video MaaS360: Enabling and downloading the Cloud Extender first. 

      This course contains German and French language closed captions.

      In this how to video series, you learn how to enable and configure the MaaS360 Cloud Extender Exchange integration module for Microsoft Exchange 2013. Enabling and configuring Enterprise Email integration allows you to import devices from existing cloud and on-premise mail environments into MaaS360 for Unified Endpoint Management.


      In this demonstration, you learn how to create local users and local groups and associate existing users with the new group. The alternative to adding local users and groups in the portal, is to integrate MaaS360 with your corporate directory service using the Cloud Extender, and automatically import users and groups. The previous version of this course contains German, French and Spanish language closed captions.

      In this module, you learn the MaaS360 Productivity Suite features that you can use to protect your organization’s corporate content on mobile devices. You learn how to configure services and security settings in the MaaS360 portal with a focus on the WorkPlace Persona policy. You also learn how to build a Content Library and distribute content to devices.

      In this video, you learn how portal administrators can reset the device passcodes for iOS and Android devices. You also learn how users reset the MaaS360 container/app passcode.

      In this demonstration, you learn how to set up a 30 day MaaS360 trial account using an IBM ID. If you do not have an IBM ID, you create one as part of the process. Use the trial account to evaluate MaaS360, and when you are ready, it can be set as your production account without any rework.  

      This course contains German and French language closed captions.

      In this video, you learn how enabling different services affect what persona policy options are available for configuration. You learn the different persona policy settings and how they are used to secure corporate content on mobile devices.

      This course contains German and French language closed captions.

      In this video you learn how policies are assigned: default, manual, groups, dynamic, precedence. You also learn how to identify policies that are assigned to devices.

      In this video you learn how to enable the TeamViewer service in the portal, initiate a session between the administrator and user's device, and use TeamViewer to view the user's device for troubleshooting purposes.

      In this demonstration, you learn how to navigate the MaaS360  collaborative apps for mail, calendar, and contacts on an iOS device.

      In this training module, you learn the high-level MaaS360 enterprise integration architecture, how Cloud Extender and its modules fit into the architecture, and the functions of each Cloud Extender module.  


      Overview

      The Resilient Incident Response Platform has been updated to incorporate the new data breach notification requirements of the EU General Data Protection Regulation (GDPR). This video demonstrates these enhancements by walking through how notifications would be handled during a ransomware attack at a hospital where personal data was exposed.

      Closed captions: English, French, German, Spanish and Japanese

      In this course, you learn how to integrate IBM MaaS360 and Microsoft Office 365 for unified endpoint management of devices that are accessing corporate email. 



      Overview

      This course demonstrates how to manage logs in the IBM Resilient appliance. This includes how to configure logging, audit logging and syslog.




      Agenda

      • 1. Log configuration
      • 2. Configuring audit logs
      • 3. Configuring syslog

      Duration: 8 minutes

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course covers aspects of managing users and groups in IBM Resilient such as creating users using the Resilient user-interface or by using terminal commands and how to reassign incidents and tasks to a different user.



      Agenda

      1. Creating a user using using the UI
      2. Creating a user using terminal commands
      3. Reassigning incidents and tasks
      4. Enabling LDAP authentication
      5. Enabling LDAP users in groups and deleting LDAP users
      Closed captions: English, French, German, Spanish and Japanese

      Dans ce module, vous allez découvrir le module Cloud Extender Certificate Integration. Il vous permet d’intégrer des autorités de certification sur le cloud et sur site à IBM MaaS360 afin d’utiliser des schémas d’authentification avancés. Vous allez apprendre à utiliser cette intégration, à connaître ses exigences, et à obtenir des informations détaillées sur son implémentation.

      Ces vidéos contiennent des sous-titres en français.


      The MaaS360 portal provides one uniform view for managing all of your devices, content, and apps. In this video, you learn to navigate the IBM MaaS360 portal home page. 

      In this video, you learn how to create building blocks and how they differ from QRadar custom rules. You will be able to leverage building blocks for their typical purposes of reducing complexity and resource consumption, facilitating reuse of functionality and information, as well as reflecting your organization's IT environment.

      Understanding the architecture of the IBM QRadar ecosystem is viable for everyone in IT Security who is concerned with solutions within the security immune system. By learning how the central Security Intelligence components are designed to take in and process log events and flow data, you will be better equipped to holistically work as a Security Analyst with IBM QRadar. This course includes three videos:

      1. QRadar functional architecture and deployment models
      2. QRadar SIEM component architecture
      3. Dissecting the flow of a captured event

      QRadar collects network activity information, or what is referred to as "flow records".  Flows represent network activity by normalizing IP addresses, ports, byte and packet counts, as well as other details, into "flows", which effectively represent a session between two hosts. QRadar can collect different types of flows, which differ greatly in the collected details. In this video series, we explain and demonstrate the differences between the following network flow capture mechanisms:

      • Cisco Netflow
      • QRadar QFlow
      • QRadar Network Insights (QNI)

      The capacity of a deployment is measured by the number of events per second (EPS) and flows per minute (FPM) that IBM QRadar can collect, normalize, and correlate in real time. The event and flow capacity is set by the licenses that are uploaded to the system. In this video, you learn about the features of managing the license event and flow capacity.

      • Define functions of event and flow processing capacity, such as shared license pool, capacity sizing, and internal events
      • Define burst handling

      This IBM Security Support Open Mic video explains how QRadar uses log source protocols to collect event data, capturing configuration properties, error messages, and other use cases for data collection.

      Objectives:

      • Events FAQ and terminology
      • Listening protocols (Syslog)
      • Polling protocols (JDBC / Log File)
      • Tips and performance Suggestions
      • Specialty protocols (APIs)
      • Questions and discussion

      You can enhance the Windows log collection capability by using a publicly available tool called System Monitor (Sysmon). In combination with QRadar SIEM you can now process much more detailed events to protect your deployment from malicious attacks.

      This course contains the following video lessons:

      • Sysmon Introduction 
      • Use Case 1 - Malicious File Injection and Execution 
      • Use Case 2 - In memory attack 
      • Use Case 3 - Base64 encoded data obfuscation 
      • Use Case 4 - Hiding behind a common Windows service process 
      • Use Case 5 - Malicious file injection using encrypted HTTPS 
      • Use Case 6 - Detecting Other Libraries
      • Use Case 7 - Privilege Escalation Detection
      • Use Case 8 - More Privilege Escalation Detection
      • Use Case 9 - Even More Privilege Escalation Detection
      • Use Case 10 - Creating an Admin Account
      • Use Case 11 - Detecting Name Pipe Impersonation
      • Use Case 12 - Detecting Mimikatz
      • Use Case 13 - Sysmon Lateral Movement Detection, Example One
      • Use Case 14 - Sysmon Lateral Movement Detection, Example Two
      • Use Case 15 - Sysmon Lateral Movement Detection, Example Three
      • Use Case 16 - Sysmon Detecting BadRabbit
      • Use Case 17 - Sysmon and Watson chasing BadRabbit

      Every QRadar SIEM Analyst has to master basic investigations skills. In this video series you learn about the following topics: 

      • Using flexible Searches to narrow down your investigations 
      • Finding Anomalies
      • Monitoring internal Log Sources

      This IBM Support Open Mic video covers topics around QRadar software updates and a best practice admin checklist.

      • Before you begin 
      • Patch and upgrade checklist 
      • Firmware 
      • Troubleshooting
      • Reference

      This video provides an overview of the QRadar UBA application architecture. You learn about UBA concepts, such as the senseValue variable, risk scores, and the IBM Sense DSM. The video also shows how QRadar rules are connected to UBA, and how to access the UBA docker container and application logs.



      In this QRadar Open Mic you learn about domains and tenants, and how these concepts are implemented and used. You also hear about tips and other helpful information for QRadar administrators.

      To properly understand and use the capabilities of QRadar SIEM beyond the basic concepts, it is important to learn about assets. In this course, you learn how assets can be discovered and then dynamically updated by QRadar, including network information, running applications and services, active users, and vulnerabilities.

      With IBM QRadar SIEM, you can monitor and display network events in real time or perform advanced searches.

      The Log Activity tab displays event information as records from a log source, such as a firewall or router device. Use the Log Activity tab to do the following tasks:

      • Investigate events that are sent to QRadar SIEM in real time
      • Search events
      • Monitor log activity by using configurable time-series charts
      • Identify false positives to tune QRadar SIEM

      In IBM QRadar SIEM, you can investigate the communication sessions between two hosts.

      If the content capture option is enabled, the Network Activity tab displays information about how network traffic is communicated and what was communicated. Using the Network Activity tab, you can do the following tasks:

      • Investigate the flows that are sent to QRadar SIEM in real time
      • Search network flows
      • Monitor network activity by using configurable time-series charts

      IBM QRadar uses the network hierarchy objects and groups to organize network activity and monitor groups or services in your network.

      When you develop your network hierarchy, consider the most effective method for viewing network activity. The network hierarchy does not need to resemble the physical deployment of your network. QRadar supports any network hierarchy that can be defined by a range of IP addresses. You can base your network on many different variables, including geographical or business units.

      In this course, you learn about the following Network Hierarchy fundamentals:

      • Part 1 - Network Hierarchy Basics 
      • Part 2 - Structuring your Network Hierarchy
      • Part 3 - Keeping the Network Hierarchy Updated

      In this video, you learn about how QRadar rules perform tests on events, flows, or offenses. If all the conditions of a test are met, the rule generates a response.

      QRadar SIEM includes rules that detect a wide range of activities, including excessive firewall denies, multiple failed login attempts, and potential botnet activity. 

      The following list describes the two rule categories:

      • Custom rules perform tests on events, flows, and offenses to detect unusual activity in your network
      • Anomaly detection rules perform tests on the results of saved flow or event searches to detect when unusual traffic patterns occur in your network

      The Fictional Insurance Company is planning to deploy a centralized Security Intelligence solution that can tie in with many of their IT infrastructure components.

      Here, they are investigating the topic of vulnerability management and learn about IBM QRadar Vulnerability Manager (QVM).

      James, an IBM Security Intelligence Architect, meets with Kate, the CISO of The Insurance Company, to explain to her the fundamentals behind an enterprise vulnerability management program.

      James explains that vulnerability management is part of a continuous enterprise IT security risk process. He focuses on vulnerabilities in an IT context and takes a close look at the security intelligence timeline. In the context of an overall IT Risk Management program he illustrates environmental influence factors. Finally, he demonstrates how vulnerabilities are ranked and filtered using IBM QRadar Vulnerability Manager.

      This video will demonstrate how i2 Analyst's Notebook version 9.1.x can easily open charts locked by corrupted files  unlike previous versions of i2 Analyst's Notebook.

      Overview

      This course covers backup up and restoring the Resilient application for on-premise customers running Resilient version 27.2 or higher. These procedures will backup and restore all user data in the appliance including the Resilient database, file attachments and the keyvault file.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      The keyvault stores all passwords used within IBM Resilient. If the keyvault were lost, it would result in a considerable loss of data. For that reason, the Resilient platform runs a backup of keyvault files to the system database anytime passwords are added or removed and after each system upgrade. This course shows how to use the resutil keyvaultrestore command to restore keyvault files from the system database.

      Duration: 4 minutes

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      Configuring Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Certificates in the IBM Resilient Appliance is not difficult. The Resilient Appliance ships with a self-signed certificate but, for optimal security, it is recommended you obtain a certificate from a trusted authority. This course details the steps necessary to obtain and install an SSL or TLS certificate.

      Duration: 4 minutes

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to create a new workspace in IBM Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course shows you how to create global or workspace roles in IBM Resilient.

      Global roles define a set of permissions that apply across the organization.
      Workspace roles define a set of permissions for specific workspaces only.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to create new users using resutil terminal commands


      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course covers the creation of new users using the Resilient user interface as well as the assignment of roles and groups.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to "defang" your URLs in IBM Resilient to help assure users do not inadvertently click on malicious links.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to delete and existing workspace in IBM Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to delete a role from within IBM Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to delete or deactivate a user from Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to set up LDAP authentication for IBM Resilient including a discussion of prerequisite work that must be completed first.


      Closed captions: English, French, German, Spanish and Japanese

      Overview

      When creating a Resilient group, you can link the group to any LDAP group. The result is that members of that LDAP group who are also members in the authorized group are added to the Resilient group. Any membership changes in the LDAP group are reflected automatically in the Resilient group. This feature allows you the flexibility to create numerous groups for specific tasks or duties.

      Duration: 9 minutes

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This course describes how to encrypt a keyvault password in IBM Resilient. The keyvault password is stored as an unencrypted file by default but can be encrypted using gpg to protect it and decrypted whenever needed.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course describes the external network access needed by Resilient to function properly.

      Duration: 2 minutes

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This short course describes the difference between Global and Workspace roles.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      Users with the required permission can create and edit wiki pages from within the application. This enables organizations to add important information, guidelines, and reference material for the Incident Response team and wikis can be used as part of incident response process. The wiki feature is useful as a central repository for storing content, references, and guidelines to support users working on incidents and tasks. Users can link to existing wiki pages from incident and task notes and other wiki pages.

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This course demonstrates how to install the Resilient appliance using an OVA file.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course discusses keyvaults, keystores and secrets within IBM Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course covers LDAP Authentication and the use of LDAP Trees within IBM Resilient.


      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to migrate organizational settings by importing and exporting them from one organization to another.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      Use the notifications feature to alert users when a specific condition occurs for an object. A condition can be anything you choose, such as object creation or deletion, or a change in value to a field. An object can be an incident, note, milestone, task, attachment, or artifact.

      Through substitution you can insert into the body of the notification, information about the object and its parent to provide additional information. The available objects are incident, note, milestone, task, attachment, and artifact. You can reference the parent (incident or task) of the object, and any custom fields of that parent object.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course describes how to view and request changes to your organization details within Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      >This course reviews the organizational settings that can be made on your Resilience instance, such as

      • Session Timeout
      • Attachments
      • Default Tasks
      • Incident Deletion
      • LDAP Authentication
      • Two-Factor Authentication
      Closed captions: English, French, German, Spanish and Japanese

      Overview

      A role is a specific set of permissions, which you can assign to users and groups. The Roles tab allows you to define and manage roles. You can assign multiple roles to a user, which gives the user a super-set of all the permissions in the roles.

      This course reviews the predefined roles on the IBM Resilient appliance and provides caution regarding changing critical administrative roles.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to reassign incidents and tasks to new owners in Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course provides an overview of available permissions categories when specifying roles for your IBM Resilient users.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This course demonstrates how to set the time zone on the IBM Resilient Appliance.

      Duration: 3 minutes

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      When artifacts are added to incidents, the Resilient platform can optionally search for those artifacts in several cyber threat sources that have been integrated into the product. This course demonstrates how to enable and disable threat sources in Resilient.

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This course covers Two-Factor Authentication with IBM Resilient.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This video demonstrates how to upgrade the Resilient Appliance. The Appliance can only be upgraded one major version at a time. This course shows how to install upgrades after they have been downloaded from the IBM Resilient Customer Success Portal.

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This course reviews the key concepts of Resilient workspaces. A workspace is present on the system at all times. Users with the global permission for workspaces can create and manage workspaces. New incidences can be assigned to any of the existing workspaces.

      Closed captions: English, French, German, Spanish and Japanese

      Overview

      This short video discusses the prerequisites necessary to successfully install the Resilient appliance on a host. The Resilient appliance is a self-contained server that runs the Resilient platform.

      Closed captions: English, French, German, Spanish and Japanese


      Overview

      This course reviews key issues in managing security in IBM Resilient. Topics cover a broad range of issues such as how to defang a URL, change ciphers and protocols, how to work with keyvaults, keystores and secrets as well as how to encrypt and backup the keyvault password.

      Agenda

        1. Defanging URLs
          • This video demonstrates how to "defang" your URLs in IBM Resilient to help assure users do not inadvertently click on malicious links.
        2. Changing Ciphers and Protocols in IBM Resilient
          • This video demonstrates how to change the ciphers and protocol in IBM Resilient. There is a review of which ciphers and protocols are used by default using the nmap application, followed by a demonstration of which files need to be edited in order to adjust the ciphers and protocols being used.
        3. Keyvaults, Keystores and Secrets
          • This video discusses keyvaults, keystores and secrets within IBM Resilient.
        4. Encrypting the keyvault password
          • This video describes how to encrypt a keyvault password in IBM Resilient. The keyvault password is stored as an unencrypted file by default but can be encrypted using gpg to protect it and decrypted whenever needed.
        5. Backing up the keyvault
          • The keyvault stores all passwords used within IBM Resilient. If the keyvault were lost, it would result in a considerable loss of data. For that reason, the Resilient platform runs a backup of keyvault files to the system database anytime passwords are added or removed and after each system upgrade. This video shows how to use the resutil keyvaultrestore command to restore keyvault files from the system database.


        Duration: 19 minutes

        Closed captions: English, French, German, Spanish and Japanese


        Overview

        This video shows how to use the Resilient Disaster Recovery system.

        • Enabling the Resilient DR system
        • Verify the DR is enabled correctly using the health monitoring
        • Enabling the receiver as the active Resilient appliance
        • Run a controlled swap of the master and receiver
        • Running a playbook to disable DR
        Closed captions: English, French, German, Spanish and Japanese


        In IBM Security Access Manager v9.0.4, a new OpenID Connect (OIDC) implementation is available where OIDC is built on top of OAuth 2.0.  In previous versions, OIDC and OAuth were implemented separately, and OIDC support was limited to simple Single Sign-on use cases.  In this course, you will learn about the benefits of this new implementation.

        Overview

        This video demonstrates how to install and set up the Resilient Disaster Recovery system. The disaster recovery (DR) system involves installing and setting up DR on two appliance systems.

        Setup overview
        - Verify the prerequisites
        - Install and set up DR and optional packages on both appliances
        - Install the SSL certificates
        - Create Ansible vault files for each appliance
        - Create Ansible inventory files for each appliance


        Closed captions: English, French, German, Spanish and Japanese


        Overview

        This course demonstrates how to set up SAML Authentication in IBM Resilient. Use of SAML allows customers to use their own corporate login credentials to authenticate to Resilient.

        Duration: 8 minutes
        Closed captions: English, French, German, Spanish and Japanese

        Overview

        This course covers several alternative mechanisms for authenticating users in the IBM Resilient product, including LDAP, SAML and two-factor authentication.




        Agenda

        1. LDAP authentication
        2. SAML authentication configuration
        3. Two-factor authentication

        Duration: 22 minutes

        Closed captions: English, French, German, Spanish and Japanese

        This Open Mic Live session was originally broadcast from Think 2018 19-March-2018.

        Nick Lloyd and Steven Hughes from Access Manager Technical Support deliver this Open Mic LIVE at the 2018 Think conference. 

        This session covers IBM Security Access Manager appliance networking.


        License keys entitle you to specific IBM QRadar products, and control the event and flow capacity for your QRadar deployment. You can add licenses to your deployment to activate other QRadar products, such as QRadar Vulnerability and Risk Manager. After you apply the license keys to QRadar, redistribute the EPS and FPM rates to ensure that each of the managed hosts is allocated enough capacity to handle the average volume of network traffic.

        In this video, you learn about the features of managing licenses in QRadar SIEM.

        Overview

        This video shows how to use the Resilient Disaster Recovery Health Monitoring. DR Health Monitoring involves setting and fine-tuning values in the group_vars/all file.

        Agenda

        • Introduction
        • Syslog configuration
        • Health monitoring settings
        Closed captions: English, French, German, Spanish and Japanese

        Each event and flow is a record of an activity in you IT environment. For some events, and all flows, this activity includes a network connection. Many rules need to test, if this network connection is approved in your organization. The rules do this by testing whether the event or flow has been tagged by building blocks with names beginning with BB:HostDefinition and BB:HostReference. Their purpose is to signal QRadar SIEM, which network connections are approved in your organization. In this course, you learn how to approve network connections using these building blocks.



        Every organization must see and control the mobile devices entering their enterprise, whether they are provided by the company or part of a Bring Your Own Device (BYOD) program. IBM MaaS360 with Watson provides one uniform platform you use to manage your devices, content, and apps. This course introduces administrators to some of the first tasks that are needed to implement MaaS360 such as integrate with Apple programs, manage Android devices, build an enterprise app catalog, and assign corporate policies and compliance rules to devices and users.

        APNS, Apple, DEP, VPP, Android kiosk, KME, Knox Mobile Enrollment, app catalog

        IBM Identity Governance and Intelligence version 5.2.4 introduces some enhancements, and a new look and feel, to the user interface.

        This video demonstrates the new functionalities on the Service Center, available to a Business User.

        Agenda:

        • Updates in the Service Center User Interface
        • Customization of the login and logout pages
        • Column customization in Access Certification
        • Signoff updates in Access Certification
        • Password synchronization
        • Feedback survey

        In this set of videos, we introduce the powerful capabilities of IBM QRadar SIEM.

        • The first video depicts how data is ingested into the QRadar environment by collecting log information, network flow data, and vulnerability information. You learn about the asset model, and how the QRadar rules are used to create actionable offenses. In addition, the video explains the integration with IBM BigFix, as well as QRadar Risk and Vulnerability Manager.
        • The second video starts off by explaining the concepts of QRadar Reference Sets and how to use them. It then takes a look at the forensic capabilities, and briefly introduces the deployment architecture.
        • The third video focuses on integration capabilities between QRadar and IBM BigFix, IBM Guardium, network intrusion prevention systems, IBM Trusteer, IBM Identity Manager, and IBM mainframe SMF records,
        • After a brief recap of the QRadar fundamentals, the fourth video explains many of the new capabilities that have been recently added to QRadar. These include the new appliances QRadar Network Insights, the Data Node, and the App Node. It then provides an overview of the QRadar API and the App Exchange, and takes a closer look at some of the available app extensions, including the BigFix App, User Behavior Analytics, Sysmon integration, and the QRadar Advisor with Watson. Finally, it introduces the new DSM Editor.
        • Collecting and investigating network flows is one of the outstanding QRadar capabilities. The final video explains how QRadar approaches network flows, and how the security analysts benefit from this in their daily investigations.

        Overview

        This course will show you how to understand roles in the IBM Resilient product. A role is a specific set of permissions, which you can assign to users and groups. The Roles tab allows you to define and manage roles. You can assign multiple roles to a user, which gives the user a superset of all the permissions in the roles.The course demonstrates how to create and delete roles, describes the difference between global and workspace roles, which roles are predefined and explains how Resilient uses role categories.

        Overview

        This course teaches how the IBM Resilient product uses workspaces. The course covers key workspace concepts, how to create them and how to delete them.



        Agenda
        1. Workspace key concepts
        2. Create workspace
        3. Delete workspace

        Duration: 7 minutes
        Closed captions: English, French, German, Spanish and Japanese

        Comment ouvrir une base iBase dans le programme IBM i2 iBase.

        Ensuite, comment ouvrir plusieurs bases iBase. Deux cas possibles :

        • Les bases iBase partagent le même fichier de sécurité IDS
        • Les bases iBase utilisent des fichiers de sécurité différents
        Time:  13 minutes

        Quelques exemples de l'utilisation des recherches avancées dans iBase, depuis le programme IBM i2 Analyst's Notebook (ANB).

        Durée: 10 minutes

        Comment utiliser la fonction "Lister les plus connectés" dans le programme IBM i2 Analyst's Notebook.

        Time: 11 minutes

        Comment utiliser la fonction Orthographe dans le programme IBM i2 Analyst's Notebook.

        Time: 8 minutes

        Cette vidéo décrit les différentes fonctions du menu Style du programme IBM i2 Analyst's Notebook (ANB).

        Le menu Style se décompose en plusieurs sections :

        - Police

        - Style d'entité

        - Style de lien

        - Mettre en valeur

        - Modifier représentation

        - Mise en forme conditionnelle

        Temps: 32 minutes

        A quoi servent et comment utiliser les Jeux de Sélection dans le programme IBM i2 Analyst's Notebook (ANB).

        Les fonctions associées aux Jeux de Sélection se trouvent dans le menu Sélectionner.

        Time: 13 minutes

        La version 9.2.0 du programme IBM i2 Analyst's Notebook (ANB), qui est disponible depuis début Juillet 2019, propose plusieurs nouvelles fonctions.

        Parmi celles ci, on a la possibilité de sauvegarder automatiquement les dernières versions des graphes.

        C'est très utile pour :

        • Pouvoir revenir à une version précédente en cas d'erreur (on fait des modifications, on enregistre, et on se rend compte que l'on s'est trompé)
        • le cas (heureusement très rare) où ANB n'arrive pas à ouvrir un fichier ANB, et indique que le fichier est corrompu.
        Vous pouvez définir le nombre de versions à conserver. Nous recommandons d'activer cette option du programme.

        Durée: 16 minutes

        Comment effectuer une recherche dans une base de données iBase à partir du programme Bloc-notes IBM i2 Analyst à l'aide d'une recherche simple.

        Time: 10 minutes

        Apprenez à gérer la barre d'accès rapide d'Analyst's Notebook.

        Temps: 4 minutes

        NEW

        Cette vidéo présente 2 nouvelles options dans les Actions de Champs dans les Spécifications d'Importations, dans le programme IBM i2 Analyst's Notebook.

        Ces options permettent de:

        •  Découper un texte selon un séparateur (par exemple le '@' ou un point).
        •  Copier une action de champs sur un champ, et l'appliquer sur un autre champ.

        Cette vidéo présente 2 exemples de création d'une spécification d'importations, pour 2 fichiers différents.

        Durée: 17 minutes

        Description

        This video is part 2 of a two part series on what's new in version 9.0.0 of i2 Analyst's Notebook and i2 Analyst's Notebook Premium.  In this video, you will be shown how to:

        • connect data sources to i2 Analyst's Notebook
        • access information in i2 Analyze through the Intelligence Portal
        • access data from i2 i Base database
        • move i2 Analyst's Notebook task panes
        • use the File menu options
        • access and change the quick access bar menu
        • hide the i2 Analyst's Notebook ribbon interface

        Duration

        22 minutes

        Objective

        • Learn about the new quick access toolbar
        • Know how to make changes to the quick access toolbar
        • Understand what tasks are under each specific ribbon

        Duration

        2:17 minutes

        Le programme IBM i2 Analyst's Notebook (ANB) présente le monde sous la forme d'Entités, de Liens et d'Attributs.

        Il est donc fondamental de comprendre comment créer et insérer des entités, des liens et des attributs.

        Temps: 16 minutes

        Cette vidéo vous présente un exemple d'analyse de données géospatiales.

        Ces données sont dans le Domaine Public, et représentent des contrôles de véhicules dans la ville de Minneapolis.

        On a donc, pour chaque donnée, une date et une heure, une coordonnée géographique, et d'autres éléments concernant le conducteur du véhicule (les données sont bien sûr anonymisées).

        Temps: 23 minutes

        Cette vidéo présente la fonction Calculateur de champ (du menu Analyse) du programme IBM i2 iBase.

        Cette fonction permet de réaliser des calculs mathématiques sur des champs de type Date, Heure et Numérique.

        Les fonctions sur les champs Date et Heure sont "Plus récent" et "Plus ancien".

        Les fonctions de calcul sur les champs numériques sont

        • la plus faible
        • la plus élevée
        • la moyenne
        • la Somme de et
        • la Déviation Standard (l'écart type)
        Durée: 7 minutes

        Cette vidéo présente les fonctions Combiner et Analyser les Collections dans le programme IBM i2 iBase.

        Les collections sont intéressantes, car elles permettent de regrouper des enregistrements variés (de différents types d'entités et de liens).

        Contrairement aux Requêtes (qui sont rejouées à chaque fois), le contenu d'une Collection est figé (mais il est toujours possible d'ajouter ou de supprimer des éléments d'une Collection).

        Durée: 8 minutes

        Cette vidéo explique comment créer rapidement plusieurs liens entre une entité donnée et un groupe d'autres entités.

        Durée: 6 minutes

        NEW

        Cette vidéo présente la fonction Définitions de Rapport du programme IBM i2 iBase.

        Cette fonction vous permet de définir le format des rapports pour les types d'entités (les rapports pour les types de Liens feront l'objet d'une autre vidéo).

        Durée: 23 minutes

        NEW

        Cette vidéo présente la fonction Edition par lot du programme IBM i2 iBase.

        Elle permet de modifier facilement et rapidement le contenu d'un champ, pour tous les enregistrements, ou uniquement pour ceux qui correspondent au résultat d'une requête, ou ceux contenus dans une collection.

        Durée: 10 minutes

        NEW

        Dans cette vidéo, je vous propose plusieurs exercices à faire sur la base d'exemple le Guide de l'utilisateur.

        Ces exercices correspondent à des questions, que vous devez "traduire" en une requête visuelle sur iBase.

        Pour chaque question, vous devez mettre la vidéo en pause après la question, faire l'exercice sur votre iBase, puis voir la réponse. (et j'ai subrepticement changé la musique d'intro, mais ne le dites pas à mon chef...)

        N'hésitez pas à indiquer dans les commentaires si vous trouvez que les exercices sont trop faciles ou trop difficiles.

        Et si vous avez des idées pour d'autres exercices (toujours sur la base d'exemple Guide de l'Utilisateur), partagez vos idées !

        Durée: 30 minutes

        NEW

        Comment exporter les données depuis IBM i2 iBase ?

        Cette vidéo présente les 3 options :

        • Les Spécifications d'exportation
        • L'export des données vers un fichier Excel
        • La copie des données, pour ensuite les Coller dans un autre programme.

        Durée: 22 minutes


        Cette vidéo présente la fonction "Vérification d'enregistrements en double" (dans le menu Analyse).

        Cette fonction vous permet de voir si votre base de données contient des enregistrements similaires, c-est-à-dire ayant plusieurs champs identiques.

        Durée: 8 minutes

        Comment installer la base d'exemple fournie avec le programme IBM i2 iBase ?

        Cette base de données, nommée "Guide de l'utilisateur" vous permettra de jouer avec le programme sur des données fictives.

        Time: 5 minutes

        Présentation de la fonction "Attribuer les icônes" dans le programme IBM i2 iBase.

        Cette fonction permet d'affecter une icône à des entités.

        Vous pouvez aussi modifier la "nuance" de couleur de l'entité. Cette fonction peut être intéressante pour distinguer visuellement des entités parmi d'autres.

        Durée: 15 minutes

        NEW

        Cette vidéo explique comment créer une requête visuelle dans le programme IBM i2 iBase.

        Utilisation des Conditions sur les types d'entités et de liens.

        Durée: 45 minutes

        Cette vidéo présente la fonction Résultats concordants du programme IBM i2 iBase.

        Cette fonction permet de lancer une requête en indiquant des critères de recherche, avec des pondérations (ou des scores).

        Cela revient à dresser une sorte de portrait robot de ce que vous cherchez, en insistant sur certains points.

        Durée: 10 minutes

        Cette vidéo présente la fonction de sous-ensemble de base de données dans le programme IBM i2 iBase.

        Cette fonction permet de créer une base de données (au format Access), contenant un sous-ensemble d'une base iBase.

        C'est utile si un utilisateur souhaite travailler en mode déconnecté de la base principale (par exemple parce qu'il doit se rendre sur le terrain, ou travailler à distance de son bureau habituel).

        L'analyste peut alors travailler sur cette base de données "fille", en y apportant des modifications. Une fois revenu au bureau, il peut alors synchroniser sa base "Fille" avec la base principale. Les modifications seront alors reportées dans la base principale.


        Durée: 28 minutes

        Cette vidéo présente l'option "Suppression logique" d'iBase.

        Avec cette option, les enregistrements supprimés par erreurs peuvent être récupérés (sans avoir besoin de demander de l'aide à l'informatique, qui n'est jamais disponible...).

        Nous recommandons d'activer cette option sur toutes vos bases de données iBase.

        Durée: 11 minutes

        Cette vidéo présente la fonction wuppression par Lot d'iBase. Elle permet (comme son nom l'indique) de supprimer un nombre important d'enregistrements dans iBase.

        Vous devez sélectionner le type d'entité ou de lien, puis indiquer si vous souhaitez supprimer tous les enregistrements, ou ceux qui correspondent à une requête ou à une collection.

        Et n'oubliez pas la possibilité (recommandée) d'activer la Suppression logique pour la base iBase (dans iBase Designer).

        Durée: 4 minutes

        Cette vidéo présente l'utilisation des Feuilles de Saisie dans iBase Utilisateur et dans Analyst's Notebook (ANB).

        Les Feuilles de saisie facilitent la saisie (en création et en modification) des entités et des liens, en permettant de regrouper les champs par onglets, et/ou en modifiant l'ordre des champs.

        Durée: 23 minutes

        Apprenez à créer une base données via iBase Designer.

        Durée: 63 minutes

        A quoi servent les Champs Standards dans le programme IBM i2 iBase ? Comment les créer dans iBase Designer

        Durée: 13 minutes

        Apprenez à installer IBM i2 iBase Designer.

        Durée: 8 minutes

        Apprener à gérer les icones sous iBase Designer.

        Durée: 23 minutes

        Les différents types de champs proposés par le programme IBM i2 iBase.

        Durée: 44 minutes

        Cette vidéo est la deuxième partie d’une série décrivant les différents types de champs du programme IBM i2 iBase.

        Durée: 16 minutes