QRadar Advanced

The QRadar Advanced track at Virtual Master Skills University is specially designed to help more experienced QRadar users (with more than one year of experience) fine-tune their skills and knowledge. In live sessions and hands-on labs, you'll learn tips and best practices for UBA, Use Case Manager and Mitre Framework, Cloud Architecture, advanced searching strategies, QROC, and more. Plus, you'll hear about the future of threat management with Cloud Pak for Security and see how QRadar integrates with other IBM Security solutions like Resilient and X-Force.

Click roadmap title to expand/collapse roadmap

Master Skills University 2020 - QRadar Advanced

The total time required to complete this roadmap is 22h 19m.

Welcome to Virtual Master Skills University 2020! This is IBM Security's very first virtual Master Skills event, and we're thrilled that you've chosen to spend part of your week with us. Each day, you'll experience advanced-level knowledge transfer from our top subject matter experts, get hands-on with self-paced virtual labs, and have opportunities to chat live with our experts. Here on Security Learning Academy, you'll find replays of the live Master Skills University sessions, all of the hands-on virtual Master Skills University labs, a virtual Escape Room game, additional relevant courses to help you continue your learning, and more.

To join the live sessions each day, use the “Attendee Catalog” link in your event confirmation and reminder emails. When they are available, recordings of the live sessions will become available here on Security Learning Academy. You cannot access the live sessions from Security Learning Academy.



Day 1: Monday, Sept 21, 2020


Day 2: Tuesday, Sept 22, 2020


Day 3: Wednesday, Sept 23, 2020


Day 4: Thursday, Sept 24, 2020 (Cloud Pak for Security)


Additional Learning


Masters Skills University Escape Room - QRadar Advanced

Welcome to the Masters Skills University 2020 Escape Room for QRadar Advanced.

It’s check-out time!

You just completed a 3-day course, and now it’s time to check out of your hotel and make your way to the lobby to catch your plane home. Make your way from your room to the lobby to complete the game.

Your Mission: Starting in your hotel room, answer questions to gain “keys” to unlock the door and move to the next room. There will be both quiz questions relating to your courses and trivia questions to help you navigate through the hotel and to the lobby.

Good luck!

This is a 360-degree presentation. Use your mouse to click and drag to view the environment.


QRadar Cloud Apps

In this session from Virtual Master Skills University 2020, you will learn about the newest Cloud Apps available for QRadar.

QRadar on Cloud

In this session from Virtual Master Skills University 2020, find out what's new with QRadar on Cloud (QROC) and learn about advanced QROC topics like QRadar Network Insights (QNI) on QROC, Cloud apps and licensing, and more.

QRadar system monitoring

In this session from Virtual Master Skills University 2020, you will learn best practices and advanced strategies for system monitoring using charting options in Pulse and AQL searching techniques.

QRadar Disaster Recovery

In this session from Virtual Master Skills University 2020, you will learn advanced QRadar system replication and data resiliency topics, including best practices.

QRadar Cloud Strategy, Integrations, and Deployments

In this session from Virtual Master Skills University 2020, you will get a quick introduction to various cloud model deployments and take a deep dive into QRadar cloud architecture topics.

QRadar Analyst Workflow

In this session from Virtual Master Skills University 2020, you will see a detailed walk-through of the Analyst's Workflow in the QRadar user interface.

QRadar Use Case Manager and Mitre Framework

In this session from Virtual Master Skills University 2020, you will learn about mapping rules on the MITRE Framework, including:

  • Properties mapping
  • What's under the hood of the MITRE app
  • Obtaining updates from MITRE and understanding new MITRE techniques
  • Best practices
  • Use case library
  • Watson MITRE mapping vs. use case MITRE mapping

QRadar User Behavior Analytics

In this session from Virtual Master Skills University 2020, you will take a deep dive into advanced UBA features and tasks, including:

  • MSSP deployment 
  • Rules tuning 
  • Entity analysis 
  • Building a custom ML model 
  • Building the User Risk Timeline

QRadar UBA - multitenant environment setup lab

The IBM Security User Behavior Analytics (UBA) app 3.6.0 supports multi-tenant environments in IBM Security QRadar 7.4.0 Fix Pack 1 and later. 

Multi-tenant environments allow Managed Security Service Providers (MSSPs) and multidivisional organizations to provide security services to multiple client organizations from a single, shared QRadar deployment. You don't need to deploy a unique QRadar instance for each customer. 

With QRadar 7.4.0 Fix Pack 1 or later and UBA 3.6.0, you can create multiple tenants from a single deployment instead of managing multiple deployments. 

This virtual lab walks you through all concepts that are needed to set up the UBA app in a multi-tenant environment such as log sources, tenants, domains, security profiles, UBA users, and roles.