Getting Started with IBM Resilient SOAR Platform
This roadmap is designed to provide an initial introduction to Resilient Incident Response Program.
Overview and install
These courses help you to understand how Resilient can be integrated into your environment and provide the tools to get started.
Learn how to perform the initial configuration to start using Resilient.
User management and authentication
Learn how to configure user access
Common use cases
Learn about typical scenarios for using Resilient.
Badges and Certifications
Official IBM badges and professional certifications related to this role that can be earned
Resilient Application Administrator/Saas Administrator (Master Administrator)
These courses teach you how to administer Resilient on both an On premise or SaaS deployment of Resilient SOAR platform
Setting up the ORG
These courses teach you how to configure the Resilient Organization
Playbook Designer/ Developer
This roadmap instructs the designer in the features available for creating playbooks within Resilient
Foundations of Design
These courses are about using the design components which make up a playbook in the Resilient SOAR platform.
Automation and Integrations
These courses teach you about automation of your playbooks in the Resilient SOAR platform.
As a Security Analyst you will learn how to manage, use and respond to security events using Resilient playbooks.
Resilient Security Foundations
These courses teach you how to investigate and remediate security incidents using Resilient.
Resilient Dashboards and Reporting
These courses teach you how to create custom dashboards and reports from your incident data
Artifacts and Threat Feeds
These courses will teach you how threat intelligence can perform automatic enrichment for artifacts.
As a Privacy Officer/ Analyst you will learn how to configure Resilient Privacy and to manage, use and respond to privacy events in your organization.
Resilient Privacy Foundations
These courses will teach you how to manage and respond to privacy events using Resilient SOAR platform.
Resilient System Administrator (OVA Administrator)
These courses teach you how to install and configure IBM Resilient on both the OVA and BYORHEL on premise deployments
Backup and DR
You can configure the IBM Security Resilient platform to create new incidents or update existing incidents from incoming email.
In this course, you learn how to configure the Resilient platform to connect to an email inbox and create a rule that processes email messages by using a template with a Python script. As a result of the script, an incident is created with extracted artifacts form the email messages (such as IPs and URLs) and an email notification is sent to the incident owner.
- Observe automated email parsing in action
- Configure an inbound email connection
- Customize a sample email script
- Create a rule to trigger the script
- Test the email processing