System Integrations

This category contains integration scenarios that use IBM Security Threat Intelligence products.

System Integrations Courses:

Using IBM X-Force Deep Packet Inspection in the IBM Security Access Manager Appliance

This course demonstrates how IBM X-Force PAM engine works in IBM Security Access Manager (ISAM) appliance. The course is the how-to lab guide with the set of virtual machines that students can explore on they own time.

How to use IBM X-Force Threat Intelligence and integrate with QRadar SIEM

This course teaches you how to take advantage of the information posted in IBM X-Force Exchange (XFE) platform by using the API, curl tool, and python language.

The course also demonstrates integration between XFE and QRadar SIEM using XFE SDK and direct integration or Threat Intelligence Application and TAXII endpoints.


Objectives

  • Learn how to leverage the X-Force Exchange API, curl tool, and python scripts to pull threat data from the X-Force Exchange platform
  • Install the Threat Intelligence app in QRadar SIEM
  • Test the API using online documentation
  • Use curl commands and the X-Force Exchange API documentation to simulate browser requests
  • Write a python script that uses X-Force Exchange API code
  • Use TAXII feeds, collections, and the QRadar Threat Intelligence app to integrate the X-Force Exchange API and QRadar SIEM
  • Configure threat data feeds to monitor and detect ransomware outbreaks


Introduction to the IBM Security Immune System

The IBM Security Immune System looks at a security portfolio in an organized fashion - as an integrated framework of security capabilities that transmits and ingests vital security data to help gain visibility, understand, and prioritize threats, and coordinate multiple layers of defense. At its core, the system automates policies and block threats - just as the human immune system can assess and identify a virus and then trigger an immune response.