The total time required to complete this roadmap is 18h 26m.
QRadar SIEM Administrator
The total time required to complete this roadmap is 48h 41m.
QRadar SIEM Analyst
The total time required to complete this roadmap is 23h 24m.
QRadar SIEM Architect
The total time required to complete this roadmap is 16h 34m.
Managed Security Service Providers (MSSP)
The total time required to complete this roadmap is 4h 50m.
Each QRadar Custom Rules Engine instance evaluates hundreds of test conditions on thousands of events and flows per second in real time. The resource consumption of these tests can drive system load high enough to degrade real-time processing. Rule developers therefore need to consider the computational cost of tests and optimize accordingly. This guide helps rule developers write efficient custom rules and building blocks.
With the advances of technology and the occurrence of data leaks, cyber security is a bigger challenge than ever before. Cyber attacks evolve as quickly as the technology itself, and hackers are finding more innovative ways to break security controls to access confidential data and to interrupt services. Hackers reinvent themselves using new technology features as a tool to expose companies and individuals. Therefore, cyber security cannot be reactive but must go a step further by implementing proactive security controls that protect one of the most important assets of every organization: the company's information.
This IBM Redbooks publication provides information about implementing IBM QRadar SIEM and protecting an organization's networks with technology that permits a proactive security posture. It is divided into the following major sections to facilitate the integration of QRadar with any network architecture:
- "Before the installation" provides a review of important requirements before the installation of the product.
- "Installing IBM QRadar V7.3" provides step-by-step procedures to guide you through the installation process.
- "After the installation" helps you to configure additional features and perform checks after the product is installed.