IBM Resilient

Click roadmap title to expand/collapse roadmap

Getting Started with IBM Resilient SOAR Platform

The total time required to complete this roadmap is 5h 9m.

This roadmap is designed to provide an initial introduction to Resilient Incident Response Program.

Overview and install

These courses help you to understand how Resilient can be integrated into your environment and provide the tools to get started.

On-premises setup

Learn how to perform the initial configuration to start using Resilient.

User management and authentication

Learn how to configure user access

Common use cases

Learn about typical scenarios for using Resilient.

Badges and Certifications

Official IBM badges and professional certifications related to this role that can be earned

Click roadmap title to expand/collapse roadmap

Playbook Designer/ Developer

The total time required to complete this roadmap is 9h 26m.

This roadmap instructs the designer in the features available for creating playbooks within Resilient

Foundations of Design

These courses are about using the design components which make up a playbook in the Resilient SOAR platform.

Automation and Integrations

These courses teach you about automation of your playbooks in the Resilient SOAR platform.

Click roadmap title to expand/collapse roadmap

Security Analyst

The total time required to complete this roadmap is 48m.

As a Security Analyst you will learn how to manage, use and respond to security events using Resilient playbooks.

Resilient Security Foundations

These courses teach you how to investigate and remediate security incidents using Resilient.

Resilient Dashboards and Reporting

These courses teach you how to create custom dashboards and reports from your incident data

Artifacts and Threat Feeds

These courses will teach you how threat intelligence can perform automatic enrichment for artifacts.

Click roadmap title to expand/collapse roadmap

Privacy Officer

The total time required to complete this roadmap is 37m.

As a Privacy Officer/ Analyst you will learn how to configure Resilient Privacy and to manage, use and respond to privacy events in your organization.

Resilient Privacy Foundations

These courses will teach you how to manage and respond to privacy events using Resilient SOAR platform.

Common Resilient use cases

Overview

This course covers 4 common scenarios that demonstration of how the Resilient Incident Response Platform can be used to

  • Automate the escalation and collection of data
  • Manage a ransomware attack
  • Deal with a data breach involving an inside actor
  • Accelerate your Response to Phishing Attacks
Closed captions: English, French, German, Spanish and Japanese

Configuring automatic processing of inbound email in Resilient

Overview

You can configure the IBM Security Resilient platform to create new incidents or update existing incidents from incoming email.
In this course, you learn how to configure the Resilient platform to connect to an email inbox and create a rule that processes email messages by using a template with a Python script. As a result of the script, an incident is created with extracted artifacts form the email messages (such as IPs and URLs) and an email notification is sent to the incident owner. 


Objectives

  • Observe automated email parsing in action
  • Configure an inbound email connection
  • Customize a sample email script
  • Create a rule to trigger the script
  • Test the email processing

IBM Security Resilient Foundations Badge

badge logo graphic
Resilient SOAR Foundations


Overview

This is an IBM-issued and IBM-recognized badge that attests that recipients have demonstrated the knowledge of basic features and functions needed to  work with the IBM Security Resilient incident response product. The badge holder can effectively navigate in the Resilient UI, work with users and authentication, administering the organization, and Resilient product administration.

How can I earn this badge?

  • This badge is open to all IBM clients, Business Partners and employees.
  • Successful completion all courses listed in the Required courses section below.
  • Earn 80 percent or higher on the quiz.

Getting started with IBM Resilient

Overview

Resilient Incident Response Platform is a central hub for incident responses that helps make incident response efficient and compliant. The platform is based on a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.

Objectives

  • Learn the value of IBM Resilient
  • Review the introduction video to the IBM Resilient platform
  • Learn the IBM Resilient Platform architecture
  • Learn about necessary prerequisites
  • Review the installation process
  • Describe the value of dynamic playbooks
Closed captions: English, French, German, Spanish and Japanese

Introduction to Resilient

Overview

This course is designed to provide an initial introduction to Resilient Incident Response Program. It will help you understand how Resilient can be integrated in your environment and provide the tools to get started.



Agenda

  1. Introduction to Resilient
  2. How Resilient Aligns to your Organization
  3. Installing & Administering Resilient
  4. Developing Playbooks
  5. Resources and Support