Only a partial course catalog is displayed. Please log in to see the complete catalog.


Incident Response Courses (8):

NEW

Overview
This course will show you how to understand roles in the IBM Resilient product. A role is a specific set of permissions, which you can assign to users and groups. The Roles tab allows you to define and manage roles. You can assign multiple roles to a user, which gives the user a superset of all the permissions in the roles.The course demonstrates how to create and delete roles, describes the difference between global and workspace roles, which roles are predefined and explains how Resilient uses role categories.

Agenda
  1. Global and workspace roles
  2. Role categories
  3. Predefined roles
  4. Creating roles
  5. Deleting roles

Duration: 9 minutes
Course revision: 1.0

NEW

Overview
This course teaches how the IBM Resilient product uses workspaces. The course covers key workspace concepts, how to create them and how to delete them.

Agenda
  1. Workspace key concepts
  2. Create workspace
  3. Delete workspace

Duration: 7 minutes
Course revision: 1.0

NEW

Overview

This course covers several alternative mechanisms for authenticating users in the IBM Resilient product, including LDAP, SAML and two-factor authentication.

Agenda

  1. LDAP authentication
  2. SAML authentication configuration
  3. Two-factor authentication

Duration: 22 minutes

NEW

Overview

This course demonstrates how to manage logs in the IBM Resilient appliance. This includes how to configure logging, audit logging and syslog.

Agenda

  • 1. Log configuration
  • 2. Configuring audit logs
  • 3. Configuring syslog

Duration: 8 minutes

NEW

Overview

This course covers aspects of managing users and groups in IBM Resilient such as creating users using the Resilient user-interface or by using terminal commands and how to reassign incidents and tasks to a different user.

Agenda

  1. Creating a user using using the UI
  2. Creating a user using terminal commands
  3. Reassigning incidents and tasks
  4. Enabling LDAP authentication
  5. Enabling LDAP users in groups and deleting LDAP users

NEW

Overview

This course reviews key issues in managing security in IBM Resilient. Topics cover a broad range of issues such as how to defang a URL, change ciphers and protocols, how to work with keyvaults, keystores and secrets as well as how to encrypt and backup the keyvault password.

Agenda

    1. Defanging URLs
      • This video demonstrates how to "defang" your URLs in IBM Resilient to help assure users do not inadvertently click on malicious links.
    2. Changing Ciphers and Protocols in IBM Resilient
      • This video demonstrates how to change the ciphers and protocol in IBM Resilient. There is a review of which ciphers and protocols are used by default using the nmap application, followed by a demonstration of which files need to be edited in order to adjust the ciphers and protocols being used.
    3. Keyvaults, Keystores and Secrets
      • This video discusses keyvaults, keystores and secrets within IBM Resilient.
    4. Encrypting the keyvault password
      • This video describes how to encrypt a keyvault password in IBM Resilient. The keyvault password is stored as an unencrypted file by default but can be encrypted using gpg to protect it and decrypted whenever needed.
    5. Backing up the keyvault
      • The keyvault stores all passwords used within IBM Resilient. If the keyvault were lost, it would result in a considerable loss of data. For that reason, the Resilient platform runs a backup of keyvault files to the system database anytime passwords are added or removed and after each system upgrade. This video shows how to use the resutil keyvaultrestore command to restore keyvault files from the system database.


    Duration: 19 minutes


    NEW

    Overview
    This course contains 6 videos that cover various topics important to understand when installing and configuring the IBM Resilient Appliance.

    Agenda
    • Configuring SSL/TSL certificates
    • Importing the Resilient License Key
    • Updating the Resilient Appliance Software
    • Installing optional packages
    • Setting the time zoneSMTP Email configuration

    NEW

    Overview
    This video demonstrates how to upgrade the Resilient Appliance. The Appliance can only be upgraded one major version at a time. This course shows how to install upgrades after they have been downloaded from the IBM Resilient Customer Success Portal.