IBM Resilient
Click roadmap title to expand/collapse roadmap
Getting Started with IBM Resilient SOAR Platform
The total time required to complete this roadmap is 5h 9m.
This roadmap is designed to provide an initial introduction to Resilient Incident Response Program.
Overview and install
These courses help you to understand how Resilient can be integrated into your environment and provide the tools to get started.
IBM Cloud Pak for Security overview
Tour Resilient on the Security Learning Academy
Introduction to IBM Resilient SOAR
Getting started with IBM Resilient
On-premises setup
Learn how to perform the initial configuration to start using Resilient.
User management and authentication
Learn how to configure user access
Setting up alternative authentication mechanisms in the IBM Resilient appliance
Managing users and groups in Resilient
Common use cases
Learn about typical scenarios for using Resilient.
Badges and Certifications
Official IBM badges and professional certifications related to this role that can be earned
Click roadmap title to expand/collapse roadmap
Resilient Application Administrator/Saas Administrator (Master Administrator)
The total time required to complete this roadmap is 1h 18m.
These courses teach you how to administer Resilient on both an On premise or SaaS deployment of Resilient SOAR platform
Managing users
Managing users and groups in Resilient
Resilient - Deleting or Deactivating a User
Resilient - Deactivate user / Reassign
Working with Resilient roles
Resilient - Deleting Roles
Authentication
Setting up the ORG
These courses teach you how to configure the Resilient Organization
Resilient - Organization Details
Resilient - Organization Settings
Resilient - Migrating Organizational Settings
Resilient - Defanging URLs
Resilient - Threat Sources Overview
Resilient - Notifications and substitution
Workspaces
Click roadmap title to expand/collapse roadmap
Playbook Designer/ Developer
The total time required to complete this roadmap is 9h 26m.
This roadmap instructs the designer in the features available for creating playbooks within Resilient
Foundations of Design
These courses are about using the design components which make up a playbook in the Resilient SOAR platform.
Resilient - Modify the New Incident Wizard Layout
Resilient - Reporting Custom Sections / Flags
Resilient - Delete Incident / Bulk Actions
Resilient - Artifact Relation
Resilient - Threat Sources Overview
Creating custom graphs in the Resilient application
Resilient - Notifications and substitution
Resilient - How To Create Wikis
Resilient - Data Tables
Resilient Rules and Workflows
Resilient - Workflows
Resilient - Dynamic Playbooks / Rules
Resilient Developer's Corner - Integration First Steps
Building the MITRE ATT&CK Framework into your Resilient Incident Response
Resilient - Tracking time spent on incident field values
Automation and Integrations
These courses teach you about automation of your playbooks in the Resilient SOAR platform.
Common Resilient use cases
Resilient Metrics Systems Administration
Scale and Improve Automation in Resilient
Resilient Data Feeder Integration
Resilient Developer's Corner - Integration First Steps
Resilient Developer's Corner: Rules and Workflows
Publishing to the App Exchange
Resilient Intelligent Orchestration
Configuring automatic processing of inbound email in Resilient
Developing and Converting Apps for App Host in Resilient
Click roadmap title to expand/collapse roadmap
Security Analyst
The total time required to complete this roadmap is 48m.
As a Security Analyst you will learn how to manage, use and respond to security events using Resilient playbooks.
Resilient Security Foundations
These courses teach you how to investigate and remediate security incidents using Resilient.
Resilient - Defanging URLs
Resilient - How To Create Wikis
Resilient - Notifications and substitution
Resilient - Search
Resilient - Reporting Custom Sections / Flags
Configuring SMTP Notifications for IBM Resilient
An Introduction to the IBM Resilient SOAR Interface
Resilient Dashboards and Reporting
These courses teach you how to create custom dashboards and reports from your incident data
Resilient - Creating custom graphs for incident time tracking data
Resilient - Reporting Custom Sections / Flags
Creating custom graphs in the Resilient application
Artifacts and Threat Feeds
These courses will teach you how threat intelligence can perform automatic enrichment for artifacts.
Resilient - Threat Sources Overview
Resilient - Artifact Relation
Resilient - Creating Custom Artifact Types
Click roadmap title to expand/collapse roadmap
Privacy Officer
The total time required to complete this roadmap is 37m.
As a Privacy Officer/ Analyst you will learn how to configure Resilient Privacy and to manage, use and respond to privacy events in your organization.
Resilient Privacy Foundations
These courses will teach you how to manage and respond to privacy events using Resilient SOAR platform.
Managing GDPR Data Breach Notification Requirements with the Resilient Incident Response Platform
Resilient - How to Pre-Select Privacy Regulators
Resilient - How To Create a Notify Data Protection Officer (DPO) Task in Resilient
Customize Your Framework to Comply with a Federal Trade Commission Consent Order
Click roadmap title to expand/collapse roadmap
Resilient System Administrator (OVA Administrator)
The total time required to complete this roadmap is 2h 35m.
These courses teach you how to install and configure IBM Resilient on both the OVA and BYORHEL on premise deployments
Install
Resilient Prerequisites
Initial configuration of the IBM Resilient appliance
Resilient - Installing via an OVA File
Resilient - External Network Configuration
Configuration
Resilient security
Resilient - Backing up the Keyvault
Resilient - Encrypting the Keyvault Password
Resilient - Keyvaults, Keystores and Secrets
Logging and troubleshooting
Managing logs in the IBM Resilient appliance
Troubleshooting Resilient and QRadar Integration Open Mic
Authentication
Setting up alternative authentication mechanisms in the IBM Resilient appliance
Managing users and groups in Resilient
Backup and DR
Resilient - Backing up and Restoring
Using Resilient disaster recovery health checks
Running Resilient disaster recovery playbooks
Setting up Resilient disaster recovery
Common Resilient use cases
Overview
- Automate the escalation and collection of data
- Manage a ransomware attack
- Deal with a data breach involving an inside actor
- Accelerate your Response to Phishing Attacks
Closed captions: English, French, German, Spanish and Japanese
De
En
Es
Fr
Ja
Configuring automatic processing of inbound email in Resilient
Overview
You can configure the IBM Security Resilient platform to create new incidents or update existing incidents from incoming email.
In
this course, you learn how to configure the Resilient platform to
connect to an email inbox and create a rule that processes email
messages by using a template with a Python script. As a result of the
script, an incident is created with extracted artifacts form the email
messages (such as IPs and URLs) and an email notification is sent to the
incident owner.
Objectives
- Observe automated email parsing in action
- Configure an inbound email connection
- Customize a sample email script
- Create a rule to trigger the script
- Test the email processing
IBM Security Resilient Foundations Badge
Resilient SOAR Foundations
Overview
This is an IBM-issued and IBM-recognized badge that attests that recipients have demonstrated the knowledge of basic features and functions needed to work with the IBM Security Resilient incident response product. The badge holder can effectively navigate in the Resilient UI, work with users and authentication, administering the organization, and Resilient product administration.
How can I earn this badge?
- This badge is open to all IBM clients, Business Partners and employees.
- Successful completion all courses listed in the Required courses section below.
- Earn 80 percent or higher on the quiz.
Getting started with IBM Resilient
Overview
The Resilient platform implements incident responses through the use of dynamic playbooks. A dynamic playbook is the set of rules, conditions, business logic, workflows and tasks used to respond to an incident. The Resilient platform updates the response
automatically as the incident progresses and is modified.
In this course, you learn the Resilient basic concepts, platform architecture, and will review a demonstration of the installation process.
Objectives
- Learn the value of IBM Resilient
- Review the introduction video to the IBM Resilient platform
- Learn the IBM Resilient Platform architecture
- Learn about necessary prerequisites
- Review the installation process
- Describe the value of dynamic playbooks
Closed captions: English, French, German, Spanish and Japanese
De
En
Es
Fr
Ja
Introduction to Resilient
Overview
This course is designed to provide an initial introduction to Resilient Incident Response Program. It will help you understand how Resilient can be integrated in your environment and provide the tools to get started.
Agenda
- Introduction to Resilient
- How Resilient Aligns to your Organization
- Installing & Administering Resilient
- Developing Playbooks
- Resources and Support