Cloud Pak for Security Platform

Cloud Pak for Security Platform Courses:

Installing and Configuring Cloud Pak for Security 1.4

In this course, Forrest Longanecker demonstrates 2 different ways to install and configure Cloud Pak for Security 1.4.

  1. Installing Cloud Pak for Security using the Command Line Interpreter (CLI)
  2. Installing Cloud Pak for Security using the IBM Cloud Catalog

IBM Cloud Pak for Security V1.5 Demonstration

IBM Cloud Pak for Security 1.5 is a unified platform designed to help you detect and respond to security threats with a simple unified experience without replacing your existing tools. This demonstration will show you how IBM Cloud Pak for Security puts the information you need at your fingertips to help mitigate a realistic real-world threat.

Cloud Pak for Security - Case Management app overview

Cloud Pak for Security comes with a Case Management application that integrates with other Cloud Pak for Security applications and provides basic case management capabilities. The main goal of this application is to support security investigations and incident response.

In Cloud Pak for Security 1.3, this basic Case Management application is expanded with automation and orchestration capabilities. However, those capabilities are licensed separately.

The video walks you through the main features and terminology of the Case Management app and its Orchestration and Automation capabilities. You learn about the concepts of cases, tasks and phases, artifacts, incident classifications, user roles, and simulation of dynamic playbooks. The main concepts for orchestration and automation are also reviewed, such as scripts, rules, workflows, functions, and message destinations.

Cloud Pak for Security 1.5 - Architecture and installation overview

IBM Cloud Pak for Security is a platform that integrates security tools to gain insights into threats across hybrid, multicloud environments.

As more businesses move to the cloud, security data is frequently spread across different tools, clouds, and IT environments. This requires teams to spend more time integrating tools and information and maintaining those integrations, and less time securing their organizations. IBM Cloud Pak for Security helps teams address these issues with an open, secure platform. It is a platform that can deliver on connecting data, connecting workflows, and connecting openly by helping you quickly integrate your existing security tools to generate deeper insights into threats, orchestrate actions, and automate responses, all while you leave your data where it is.

This course describes critical components of the Cloud Pak for Security platform, such as multicloud adoption, private cloud requirements for storage and node specifications, Red Hat OpenShift 4.3, IBM Cloud Pak common services, Cloud Pak for Security core services, and apps.
This version of the Cloud Pak comes with five apps:
  • IBM Security Data Explorer
  • IBM Security Threat Intelligence Insights
  • IBM Security Case Management
  • IBM Security User Behavior Analytics
  • IBM Security Risk Manager

The course also provides a high-level installation process.

Objectives

  • Describe the Cloud Pak for Security component stack
  • Explain dependencies on OpenShift and IBM Cloud Pak common services
  • Describe IBM Cloud Pak for Security core services and the apps
  • Explain high-level installation steps

Cloud Pak for Security - Users and general settings

Overview

This video provides an overview of users, roles, and general settings for the IBM Cloud Pak for Security platform. The video discusses how a user from LDAP is imported into IBM Cloud Private and then into Cloud Pak for Security. Users can have one of two main roles in Cloud Pak for Security: Admin and regular User. Depending on the role, the user can have different permissions for Data sources, Organization settings, and the User management tool.

Duration: 20 minutes

Cloud Pak for Security 1.5 - Security Analyst Badge

Cloud Pak for Security - Security Analyst


Overview

This enablement path is for SOC Analysts and technical resources who require a comprehensive knowledge of cybersecurity threat investigation using Cloud Pak for Security. By completing this enablement, you will know how to configure connectors to data sources, become familiar with federated searches, and be able to use filtering and data analysis in the Data Explorer app, configure Threat Intelligence Insights, and work with the basics of Case Management.