Only a partial course catalog displayed. Please click here to log in to see the complete catalog.


Incident Response Courses (12):

NEW

Overview
Use the notifications feature to alert users when a specific condition occurs for an object. A condition can be anything you choose, such as object creation or deletion, or a change in value to a field. An object can be an incident, note, milestone, task, attachment, or artifact.

Through substitution you can insert into the body of the notification, information about the object and its parent to provide additional information. The available objects are incident, note, milestone, task, attachment, and artifact. You can reference the parent (incident or task) of the object, and any custom fields of that parent object.

NEW

Overview

Users with the required permission can create and edit wiki pages from within the application. This enables organizations to add important information, guidelines, and reference material for the Incident Response team and wikis can be used as part of incident response process. The wiki feature is useful as a central repository for storing content, references, and guidelines to support users working on incidents and tasks. Users can link to existing wiki pages from incident and task notes and other wiki pages.

NEW

Overview
When artifacts are added to incidents, the Resilient platform can optionally search for those artifacts in several cyber threat sources that have been integrated into the product. This course demonstrates how to enable and disable threat sources in Resilient.

NEW

Overview

When creating a Resilient group, you can link the group to any LDAP group. The result is that members of that LDAP group who are also members in the authorized group are added to the Resilient group. Any membership changes in the LDAP group are reflected automatically in the Resilient group. This feature allows you the flexibility to create numerous groups for specific tasks or duties.

Duration: 9 minutes

NEW

Resilient Incident Response Platform is a central hub for incident responses that helps make incident response efficient and compliant. The platform is based on a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.

Objectives

  • Learn the value of IBM Resilient
  • Review the introduction video to the IBM Resilient platform
  • Learn the IBM Resilient Platform architecture
  • Learn about necessary prerequisites
  • Review the installation process
  • Describe the value of dynamic playbooks

NEW

Overview
This course demonstrates how to delete or deactivate a user from Resilient.

NEW

Overview
This course covers the creation of new users using the Resilient user interface as well as the assignment of roles and groups.

NEW

Overview
This course demonstrates how to create new users using resutil terminal commands

NEW

Overview
This course reviews the organizational settings that can be made on your Resilience instance, such as

  • Session Timeout
  • Attachments
  • Default Tasks
  • Incident Deletion
  • LDAP Authentication
  • Two-Factor Authentication

NEW

Overview
This course demonstrates how to delete a role from within IBM Resilient.

NEW

This course demonstrates how to migrate organizational settings by importing and exporting them from one organization to another.

NEW

Overview

This course demonstrates how to install the Resilient appliance using an OVA file.