Integrated Security Solutions

Resilient and QRadar Advisor integration topics

Overview

  • Part 1 demonstrates the integration of QRadar Advisor with Watson with Resilient functionality. QRadar with Watson provides artificial intelligence to automatically investigate and provide insights to threat indicators and related entities. Integration with Resilient allows the security analyst to automatically track and enrich incident artifacts and reporting.
  • Part 2 demonstrates how to use Resilient as a workflow automation tool to enhance the analyst's ability to manage the response to the more complex threats that require more than the actions allowed directly from within QRadar.


QRadar and AppScan integration

This course shows you how to integrate a scanner, such as IBM Security AppScan, with QRadar SIEM. This integration can help you correlate vulnerabilities discovered by the scanner with other log sources, such as IBM XGS, to protect your network assets from the attack at the application level.

Integrating IBM Guardium and IBM Identity Governance and Intelligence to support the GDPR initiative on structured data

This learning module demonstrates the integration of IBM Guardium and IBM IGI products to support the GDPR compliance initiative on structure data. The solution provides a custom developed AssemblyLine that runs in IBM Directory Integrator (IDI), and an IBM Identity Governance and Intelligence (IGI) Custom Adapter that requires IBM Directory Server and IDI to run.

The integration goal is to identify GDPR sensitive data using a provided sample database using IBM Guardium. Guardium then exports a report that contains users who have access to tables with GDPR relevant data. Then, the IGI Custom Adapter imports these reports into IGI for further compliance and access management.

The course provides a lab environment where the integration can be tested and demonstrated.

Also, if you do not have time to run the lab, you can review the videos that demonstrate all steps in the lab.

The additional learning section provides a custom AssemblyLine and a custom IGI adapter as-is with no IBM support. You can provide feedback to the Security Learning Academy if you have any issues with the code.

Integrating BigFix with MaaS360 for Unified Reporting

This video series shows you how to integrate BigFix with MaaS360 to provide a side by side  view of MaaS360 managed devices and BigFix managed endpoints in the BigFix Console.  BigFix Administrators can view MaaS360 devices and take limited actions on them from the BigFix Console.

Carbon Black Response - Integrating with IBM QRadar SIEM

This course includes two technical demonstrations that highlight how Carbon Black Response and IBM QRadar SIEM integrate to quickly detect, respond, and remediate live security incidents. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Carbon Black Response - Integrating with IBM BigFix and IBM QRadar SIEM

This video is a demonstration highlighting the tight integration between Carbon Black Response, IBM BigFix, and  QRadar. This demo shows the value of recording what happens on endpoints at all times, so that you can quickly detect and respond to security incidents, remediate your environment, and improve the security posture of your organization.

MaaS360 and QRadar SIEM integration

This video series demonstrates integration between IBM MaaS360 and IBM QRadar SIEM. It includes the following demonstrations:

  • MaaS360 and QRadar Integration overview
  • Sending MaaS360 events to QRadar SIEM
  • Installing the MaaS360 app
  • Using QRadar Action Script with MaaS360 API

Prerequisites: This video series assumes that you have the following skills:

  • Basic knowledge of QRadar SIEM concepts
  • Basic knowledge of the MaaS360 portal
  • Basic knowledge of Python scripting

For more information about these topics, visit the QRadar SIEM and MaaS360 roadmaps in the Security Learning Academy.


Guardium and Resilient integration: Email Connector

Overview

In this video, you will see how to set up IBM Guardium email alerts in an IBM Resilient incident response workflow using the Resilient Email Connector.

QRadar and Bigfix Stop Ransomware

In this 4-part video series Jose Bravo demonstrates how you can detect and stop Ransomware from propagating by integrating IBM QRadar SIEM and IBM BigFix.

In a bonus video we describe an extended scenario integrating QRadar, XGS and BigFix helping with phishing and ransomware.

Using IBM X-Force Deep Packet Inspection in the IBM Security Access Manager Appliance

This course demonstrates how IBM X-Force PAM engine works in IBM Security Access Manager (ISAM) appliance. The course is the how-to lab guide with the set of virtual machines that students can explore on they own time.

Protecting sensitive data from privileged users

This self-paced learning content represents an integration scenario that uses IBM Privileged Identify Manager (PIM), IBM Guardium, IBM Network Protection (XGS), IBM QRadar, and IBM Directory Integrator (IDI). The course includes three videos that depict a database administrator interacting with the system. Watch the videos in the following order:

1)     Testing Initial PIM and Guardium Setup – This video shows the basic functionality of PIM and Guardium without implementing integration between them.

2)     Testing PIM and Guardium Integration – This video shows the benefits of integrating PIM and Guardium. There is no direct integration path between the two products. QRadar and IDI are used to bridge integration gaps between PIM and Guardium.

3)     Testing a Complete Integration Solution– This video shows a fully integrated security solution. It includes the XGS appliance that terminates any existing connection from the database administrator workstation to the database server.

This course also includes an Integration Guide that documents the configuration steps necessary to integrate the products. It also includes the IDI.zip file that contains the custom files, including developed IDI assembly lines, necessary to successfully implement this integration scenario.

Introduction to the IBM Security Immune System

The IBM Security Immune System looks at a security portfolio in an organized fashion - as an integrated framework of security capabilities that transmits and ingests vital security data to help gain visibility, understand, and prioritize threats, and coordinate multiple layers of defense. At its core, the system automates policies and block threats - just as the human immune system can assess and identify a virus and then trigger an immune response.

Carbon Black Response - Integrating with IBM Resilient

This video is a technical demonstration in which IBM Resilient and Carbon Black Response detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Duration: 13 minutes
Closed captions: English, French, German, Spanish and Japanese

Carbon Black Response - Integrating with IBM Resilient and IBM QRadar SIEM

This video is a technical demonstration of the integration between Carbon Black Response, IBM Resilient, and QRadar to detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Protecting Office365 with IBM Cloud Identity and MaaS360
NEW

This video walks you through how to secure access for Office365 with IBM Cloud Identity and MaaS360. Along with the end to end demonstration, this video also covers the following topics:

  • why protect access to Office365
  • requirements for securing Office365
  • architecture overview for on mobile and an unmanaged device
  • configuration steps to secure Office365

Duration: 35 minutes

Click roadmap title to expand/collapse roadmap

Systems Integration Architect

A systems integration architect Is responsible for implementing integrated security solutions that support compliance, protect business assets, and combat security threats.


IBM Security Foundations

These courses provide an overview of IBM Security products and services

Compliance related integrations

These courses teach how to use security products to meet compliance requirements.

Threat detection and prevention integrations

These courses teach how to use security products to detect and stop threats, manage incident response, and investigate threat data.

Asset protection integrations

These courses show you how to integrate security products to secure cloud environments, protect critical assets, and prevent fraud.