Incident Response Latest

Incident Response Latest Courses:

NEW

In the second session of the Resilient Developer's Corner series, learn about the best ways to define and include your integration's Rules and Workflows in your integration package.


Agenda

  • Rules
    • Activity Fields
    • Conditions
  • Workflows
    • Properties
    • Branching
  • Workflow Status
  • Action Status


Duration: 26 minutes


NEW

Learn about the newest integration and how it can be leveraged in your environment. Utilize data in Resilient the way you want to by leveraging the newly released Data Feeder extension. This extension allows you to maintain “replica” data of a Resilient system for the purposes of reporting. It also allows enhanced accessibility of your data by allowing you to run business intelligence (BI) queries from other tools.
Join Ray Suarez, Product Manager for Resilient, in this month’s update to learn about one of our newest integrations.

Agenda

  • Introduction
  • The need for SOAR data
  • Resilient & Data Feeder Integration
  • Resilient Data Storage Overview
  • app.config Configuration File
  • Specify Incident Range
  • A Tour of the App Exchange
  • Resilient Actions Demonstration
  • Review of the Resilient integrations
  • Questions and answers

Duration: 19 minutes

NEW

This is the first session of the multi-part Resilient Developer's Corner series. As additional parts are published, links will be added to the Quick references section below.

Learn how to start writing an integration and how to use the template files auto-generated from Resilient functions.

Agenda

  • Introduction
    • Future recordings in this series
    • Requirements
  • Integration Taxonomy
  • Integration Environment
  • Demonstration using Resilient Console
    • Customization settings
      • Message Destinations
      • Functions
      • Rules
    • Using codegen to automate the generation of Python integration code
    • Detailed example of building out an integration in Python

Duration: 30 minutes


NEW

This video demonstrates how to create and use a Notify Data Protection Officer Task to automatically notify your DPO when specified conditions are met.

Duration: 3 minutes

NEW

This video demonstrates how to use Resilient's customization settings to automatically select specific regulators in your instance of Resilient to save time and automate the incident logging process.

Duration: 3 minutes

NEW

This video demonstrates how Resilient Task Helper Functions can help clean and consolidate notes to improve visibility into completed tasks and ultimately cut down the time to respond for your security team.

NEW

The MITRE ATT&CK Framework is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and services community.

This video provides an overview of the MITRE ATT&CK Framework, followed by a discussion of how IBM Resilient and other IBM Security products use MITRE ATT&CK with a live demonstration and a Q&A.