Resilient Videos: How do I... Courses (41):

Resilient - Upgrading the Resilient Appliance Software

This video demonstrates how to upgrade the Resilient Appliance. The Appliance can only be upgraded one major version at a time. This course shows how to install upgrades after they have been downloaded from the IBM Resilient Customer Success Portal.

Changing Ciphers and Protocols in IBM Resilient

This course demonstrates how to change the ciphers and protocol in IBM Resilient. There is a review of which ciphers and protocols are used by default using the nmap application, followed by a demonstration of which files need to be edited in order to adjust the ciphers and protocols being used.

Using the nmap application, you can detect default settings for the protocol and ciphers. All versions of TLS are supported (TLS1.0 TLS 1.1 and TLS 1.2).

The predominant ciphers based on RSA and ASE cryptography are supported, as well as the cryptographic ciphers that support forward secrecy based on Diffie Hellman (DF) and Ecliptic Curve Diffie Hellman (ECDH) algorithms.

Resilient - Notifications and substitution

Use the notifications feature to alert users when a specific condition occurs for an object. A condition can be anything you choose, such as object creation or deletion, or a change in value to a field. An object can be an incident, note, milestone, task, attachment, or artifact.

Through substitution you can insert into the body of the notification, information about the object and its parent to provide additional information. The available objects are incident, note, milestone, task, attachment, and artifact. You can reference the parent (incident or task) of the object, and any custom fields of that parent object.

Resilient - Enabling LDAP authentication

This course demonstrates how to set up LDAP authentication for IBM Resilient including a discussion of prerequisite work that must be completed first.

Resilient - Encrypting the Keyvault Password

This course describes how to encrypt a keyvault password in IBM Resilient. The keyvault password is stored as an unencrypted file by default but can be encrypted using gpg to protect it and decrypted whenever needed.

Importing the Resilient License Key

This course will show you how to import the Resilient license, a necessary step before the Resilient platform can be used. There are two ways to accomplish this task, both of which are shown in the video.

Resilient - Backing up the Keyvault


The keyvault stores all passwords used within IBM Resilient. If the keyvault were lost, it would result in a considerable loss of data. For that reason, the Resilient platform runs a backup of keyvault files to the system database anytime passwords are added or removed and after each system upgrade. This course shows how to use the resutil keyvaultrestore command to restore keyvault files from the system database.

Duration: 4 minutes

Setting up SAML Authentication in IBM Resilient

This course demonstrates how to set up SAML Authentication in IBM Resilient. Use of SAML allows customers to use their own corporate login credentials to authenticate to Resilient.

Configuring Syslog for Resilient

This video demonstrates how to configure syslog to run on an IBM Resilient server.

Resilient - Configuring SSL/TLS Certificates


Configuring Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Certificates in the IBM Resilient Appliance is not difficult. The Resilient Appliance ships with a self-signed certificate but, for optimal security, it is recommended you obtain a certificate from a trusted authority. This course details the steps necessary to obtain and install an SSL or TLS certificate.

Duration: 4 minutes

Resilient - Threat Sources Overview

When artifacts are added to incidents, the Resilient platform can optionally search for those artifacts in several cyber threat sources that have been integrated into the product. This course demonstrates how to enable and disable threat sources in Resilient.

Resilient - How To Create Wikis


Users with the required permission can create and edit wiki pages from within the application. This enables organizations to add important information, guidelines, and reference material for the Incident Response team and wikis can be used as part of incident response process. The wiki feature is useful as a central repository for storing content, references, and guidelines to support users working on incidents and tasks. Users can link to existing wiki pages from incident and task notes and other wiki pages.

Resilient - Enabling LDAP users in groups and deleting LDAP users


When creating a Resilient group, you can link the group to any LDAP group. The result is that members of that LDAP group who are also members in the authorized group are added to the Resilient group. Any membership changes in the LDAP group are reflected automatically in the Resilient group. This feature allows you the flexibility to create numerous groups for specific tasks or duties.

Duration: 9 minutes

Log Configuration in Resilient

The Resilient platform logs various client and server activity in log files, located in the following directory: /usr/share/co3/logs/ This video will show you how to configure logging on the Resilient platform.

Resilient Prerequisites

This short video discusses the prerequisites necessary to successfully install the Resilient appliance on a host. The Resilient appliance is a self-contained server that runs the Resilient platform.

Configuring Audit Logging in Resilient

You can configure the Resilient platform to send audit log messages to the Resilient client.log file and to Syslog, if you have set up and configured Syslog. This video will show you how easy it is to set up.

Resilient - Global and Workspace Roles

This short course describes the difference between Global and Workspace roles.

An Introduction to the Resilient Incident Response Platform

The Resilient Incident Response Platform makes incident response efficient and compliant utilizing a knowledge base of incident response best practices, industry standard frameworks, and regulatory requirements.

Resilient - External Network Configuration

This course describes the external network access needed by Resilient to function properly.

Resilient - Setting the Time Zone

This video demonstrates how to set the time zone on the IBM Resilient Appliance.

Resilient - Keyvaults, Keystores and Secrets

This course discusses keyvaults, keystores and secrets within IBM Resilient.

Resilient - Two-Factor Authentication

This course covers Two-Factor Authentication with IBM Resilient.

Resilient - Deleting or Deactivating a User

This course demonstrates how to delete or deactivate a user from Resilient.

Resilient - Organization Settings

This course reviews the organizational settings that can be made on your Resilience instance, such as

  • Session Timeout
  • Attachments
  • Default Tasks
  • Incident Deletion
  • LDAP Authentication
  • Two-Factor Authentication

Resilient - Deleting Roles

This course demonstrates how to delete a role from within IBM Resilient.

Resilient - Creating a New User using Terminal Commands

This course demonstrates how to create new users using resutil terminal commands

Resilient - Creating a New User using the UI

This course covers the creation of new users using the Resilient user interface as well as the assignment of roles and groups.

Resilient - Reassigning Incidents and Tasks

This course demonstrates how to reassign incidents and tasks to new owners in Resilient.

Resilient - LDAP Authentication

This course covers LDAP Authentication and the use of LDAP Trees within IBM Resilient.

Resilient - Defanging URLs

This course demonstrates how to "defang" your URLs in IBM Resilient to help assure users do not inadvertently click on malicious links.

Resilient - Installing Optional Packages

This course demonstrates how to use the optional packages install for OVA deployments of Resilient.

Resilient - Backing up and Restoring

This course covers backup up and restoring the Resilient application for on-premise customers running Resilient version 27.2 or higher. These procedures will backup and restore all user data in the appliance including the Resilient database, file attachments and the keyvault file.

Resilient - Migrating Organizational Settings

This course demonstrates how to migrate organizational settings by importing and exporting them from one organization to another.

Resilient - Organization Details

This course describes how to view and request changes to your organization details within Resilient.

Resilient - Workspace Key Concepts

This course reviews the key concepts of Resilient workspaces. A workspace is present on the system at all times. Users with the global permission for workspaces can create and manage workspaces. New incidences can be assigned to any of the existing workspaces.

Resilient - Create Workspace

This course demonstrates how to create a new workspace in IBM Resilient.

Resilient - Role Categories

This course provides an overview of available permissions categories when specifying roles for your IBM Resilient users.

Resilient - Delete Workspace

This course demonstrates how to delete and existing workspace in IBM Resilient.

Resilient - Predefined Roles

A role is a specific set of permissions, which you can assign to users and groups. The Roles tab allows you to define and manage roles. You can assign multiple roles to a user, which gives the user a super-set of all the permissions in the roles.

This course reviews the predefined roles on the IBM Resilient appliance and provides caution regarding changing critical administrative roles.

Resilient - Creating Roles

This course shows you how to create global or workspace roles in IBM Resilient.

Global roles define a set of permissions that apply across the organization.
Workspace roles define a set of permissions for specific workspaces only.

Resilient - Installing via an OVA File


This course demonstrates how to install the Resilient appliance using an OVA file.