Resilient
Introduction to Resilient

Overview

This course is designed to provide an initial introduction to Resilient Incident Response Program. It will help you understand how Resilient can be integrated in your environment and provide the tools to get started.



Agenda

  1. Introduction to Resilient
  2. How Resilient Aligns to your Organization
  3. Installing & Administering Resilient
  4. Developing Playbooks
  5. Resources and Support

1h       Foundational
Common Resilient use cases

Overview

This course covers 4 common scenarios that demonstration of how the Resilient Incident Response Platform can be used to

  • Automate the escalation and collection of data
  • Manage a ransomware attack
  • Deal with a data breach involving an inside actor
  • Accelerate your Response to Phishing Attacks
Closed captions: English, French, German, Spanish and Japanese

De En Es Fr Ja
1h 1m      Foundational
Getting started with IBM Resilient

Overview

Resilient Incident Response Platform is a central hub for incident responses that helps make incident response efficient and compliant. The platform is based on a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.

Objectives

  • Learn the value of IBM Resilient
  • Review the introduction video to the IBM Resilient platform
  • Learn the IBM Resilient Platform architecture
  • Learn about necessary prerequisites
  • Review the installation process
  • Describe the value of dynamic playbooks
Closed captions: English, French, German, Spanish and Japanese

De En Es Fr Ja
25m      Foundational
Click roadmap title to expand/collapse roadmap

Getting Started with IBM Resilient

This roadmap is designed to provide an initial introduction to Resilient Incident Response Program.


Overview and install

These courses help you to understand how Resilient can be integrated into your environment and provide the tools to get started.
Introduction to Resilient
Foundational
Getting started with IBM Resilient
Foundational

On-premises setup

Learn how to perform the initial configuration to start using Resilient.
Initial configuration of the IBM Resilient appliance
Intermediate

User management and authentication

Learn how to configure user access
Setting up alternative authentication mechanisms in the IBM Resilient appliance
Intermediate
Managing users and groups in Resilient
Intermediate

Common use cases

Learn about typical scenarios for using Resilient.
Common Resilient use cases
Foundational
Click roadmap title to expand/collapse roadmap

Resilient Application Administrator/Saas Administrator (Master Administrator)

These courses teach you how to administer Resilient on both an On premise or SaaS deployment of Resilient SOAR platform


Managing users

Managing users and groups in Resilient
Intermediate
Resilient - Deleting or Deactivating a User
Foundational
Resilient - Deactivate user / Reassign
Foundational
Working with Resilient roles
Foundational
Resilient - Deleting Roles
Foundational

Authentication

Setting up alternative authentication mechanisms in the IBM Resilient appliance
Intermediate

Setting up the ORG

These courses teach you how to configure the Resilient Organization
Resilient - Organization Details
Foundational
Resilient - Organization Settings
Foundational
Resilient - Migrating Organizational Settings
Foundational
Resilient - Defanging URLs
Foundational
Resilient - Threat Sources Overview
Intermediate
Resilient - Notifications and substitution
Intermediate

Workspaces

Working with Resilient workspaces
Foundational
Click roadmap title to expand/collapse roadmap

Playbook Designer/ Developer

This roadmap instructs the designer in the features available for creating playbooks within Resilient


Foundations of Design

These courses are about using the design components which make up a playbook in the Resilient SOAR platform.
Resilient - Modify the New Incident Wizard Layout
Foundational
Resilient - Reporting Custom Sections / Flags
Foundational
Resilient - Delete Incident / Bulk Actions
Foundational
Resilient - Artifact Relation
Foundational
Resilient - Threat Sources Overview
Intermediate
Creating custom graphs in the Resilient application
Intermediate
Resilient - Notifications and substitution
Intermediate
Resilient - How To Create Wikis
Intermediate
Resilient - Data Tables
Foundational
Resilient Rules and Workflows
Foundational
Resilient - Workflows
Foundational
Resilient - Dynamic Playbooks / Rules
Foundational
Resilient Developer's Corner - Integration First Steps
NEW
Intermediate
Building the MITRE ATT&CK Framework into your Resilient Incident Response
NEW
Foundational

Automation and Integrations

These courses teach you about automation of your playbooks in the Resilient SOAR platform.
Scale and Improve Automation in Resilient
NEW
Intermediate
Resilient Data Feeder Integration
NEW
Intermediate
Click roadmap title to expand/collapse roadmap

Security Analyst

As a Security Analyst you will learn how to manage, use and respond to security events using Resilient playbooks.


Resilient Security Foundations

These courses teach you how to investigate and remediate security incidents using Resilient.
Resilient - Defanging URLs
Foundational
Resilient - How To Create Wikis
Intermediate
Resilient - Notifications and substitution
Intermediate
Creating custom graphs in the Resilient application
Intermediate
Resilient - Search
Foundational
Resilient - Reporting Custom Sections / Flags
Foundational
Configuring SMTP Notifications for IBM Resilient
Foundational

Artifacts and Threat Feeds

These courses will teach you how threat intelligence can perform automatic enrichment for artifacts.
Resilient - Threat Sources Overview
Intermediate
Resilient - Artifact Relation
Foundational
Resilient - Creating Custom Artifact Types
Foundational
Click roadmap title to expand/collapse roadmap

Privacy Officer

As a Privacy Officer/ Analyst you will learn how to configure Resilient Privacy and to manage, use and respond to privacy events in your organization.


Resilient Privacy Foundations

These courses will teach you how to manage and respond to privacy events using Resilient SOAR platform.
Managing GDPR Data Breach Notification Requirements with the Resilient Incident Response Platform
Foundational
Resilient - How to Pre-Select Privacy Regulators
NEW
Foundational
Resilient - How To Create a Notify Data Protection Officer (DPO) Task in Resilient
NEW
Foundational
Click roadmap title to expand/collapse roadmap

Resilient System Administrator (OVA Administrator)

These courses teach you how to install and configure IBM Resilient on both the OVA and BYORHEL on premise deployments


Install

Resilient Prerequisites
Foundational
Initial configuration of the IBM Resilient appliance
Intermediate
Resilient - Installing via an OVA File
Intermediate
Resilient - External Network Configuration
Foundational

Configuration

Resilient security
Intermediate
Resilient - Backing up the Keyvault
Foundational
Resilient - Encrypting the Keyvault Password
Intermediate
Resilient - Keyvaults, Keystores and Secrets
Foundational

Logging

Managing logs in the IBM Resilient appliance
Intermediate

Authentication

Setting up alternative authentication mechanisms in the IBM Resilient appliance
Intermediate
Managing users and groups in Resilient
Intermediate

Backup and DR

Resilient - Backing up and Restoring
Foundational
Using Resilient disaster recovery health checks
Intermediate
Running Resilient disaster recovery playbooks
Intermediate
Setting up Resilient disaster recovery
Intermediate