**** Attention: Only a partial course catalog is displayed. PLEASE LOG IN TO SEE THE COMPLETE CATALOG. ****

QRadar Security Intelligence

The IBM QRadar Security Intelligence Platform provides a unified architecture of integrated functions with a single Security Operations Center user interface.

Capabilities presented include detection and response to attacks, security analytics, threat hunting, incident response, and threat intelligence with network and endpoint protection.

Topics Covered:

QRadar SIEM
QRadar on Cloud
QRadar Network Insights
User Behavior Analytics
QRadar Advisor with Watson
QRadar DNS Analyzer
System Integrations
QRadar - Securing the Cloud
QRadar Incident Forensics
QRadar Vulnerability Manager
How Do I videos

Roadmaps
Courses

Click roadmap title to expand/collapse roadmap

Getting started with QRadar

The total time required to complete this roadmap is 13h 33m.

This roadmap outlines fundamental courses that are intended for someone new to IBM QRadar. These courses describe the architecture, explain deployment options, review the installation, and help you to deploy and understand licensing. This roadmap also introduces the configuration of key product features such as network hierarchy, assets, user management, log sources, flows, rules, and offenses. Finally, it shows you how to use QRadar to analyze offenses, create reports, and emphasize the tuning aspects of the solution.

You are also encouraged to explore the other QRadar roadmaps that focus on different QRadar user roles.

Navigating QRadar on the Security Learning Academy

Review the following course to navigate QRadar Security Intelligence on the IBM Security Learning Academy.

Tour QRadar on the Security Learning Academy

Roadmap category: Planning and installing

Review the following courses to learn about the QRadar component and deployment architecture, installation process, and licensing:

QRadar Planning and Installation Guide

QRadar Architecture

QRadar Deployment Architecture

Using QRadar SIEM License Management

Roadmap category: Configuring

Use the following courses to learn about key QRadar features and configuration tasks:

QRadar foundations - Events

Introducing QRadar Flows

QRadar foundations - Assets V2

QRadar foundations - Network Hierarchy

QRadar flow analysis and investigations

QRadar foundations - Rules and Offenses

QRadar foundations - user management

Log source concepts - protocols and Device Support Modules

QRadar Log Source Protocols - Open Mic

Roadmap category: Investigating and reporting

Use the courses in this category to learn about QRadar Rules and Offenses, which help to detect IT security issues in your organization. These courses show how to use searches and analyze potential incidents.

QRadar SIEM Investigation - Working with Offenses

Experience Center - Demonstration of Threat Simulator use cases

Using IBM QRadar SIEM

Creating reports in QRadar SIEM

Roadmap category: Tuning for investigation

There are many aspects to tuning your QRadar configuration. The courses in this group introduce you to some basic tuning tasks to improve your investigations.

How to update the QRadar network hierarchy to prevent false positive offenses

Local versus global rules in QRadar SIEM

Overview of Building Blocks in QRadar SIEM

Getting started with QRoC

This course provides an introduction to IBM Security QRadar on Cloud (QRoC) and describes the differences between QRoC and an on-premises deployment of QRadar SIEM. Both implementations are based on the same QRadar concepts.

The main differences are these:

Some administrative tasks such as installation, patching, license management, and backups are outsourced as a service to the IBM QRoC DevOps Support team.
The QRoC deployment architecture does not need components such as an Event Collector but requires a dedicated Data Gateway. The Data Gateway creates a secure connection between your QRoC instance and your on-premises locations to securely send information to QRoC for analysis.

Finally, this course presents some links to other relevant QRadar information.

5m Foundational

QRadar Security Intelligence Subjects:

Security Intelligence Latest

Browse this category (5)

Or select by type:

Video Courses (3)

Event Replays (1)

Commercial Courses (1)

QRadar SIEM

Browse this category (132)

Or select by type:

Training roadmaps (5)

Hands-on Labs (16)

Video Courses (87)

Self-Paced Badges (1)

Documentation (2)

Event Replays (18)

Commercial Courses (3)

QRadar on Cloud (QRoC)

Browse this category (5)

Or select by type:

Training roadmaps (1)

Video Courses (3)

Event Replays (1)

QRadar Network Insights

Browse this category (8)

Or select by type:

Hands-on Labs (1)

Video Courses (6)

Event Replays (1)

User Behavior Analytics (UBA)

Browse this category (13)

Or select by type:

Training roadmaps (1)

Hands-on Labs (2)

Video Courses (9)

Event Replays (1)

QRadar Advisor with Watson

Browse this category (17)

Or select by type:

Training roadmaps (1)

Hands-on Labs (1)

Video Courses (12)

Documentation (2)

Event Replays (1)

QRadar DNS Analyzer

Browse this category (4)

Or select by type:

Video Courses (4)

System Integrations

Browse this category (17)

Or select by type:

Hands-on Labs (4)

Video Courses (9)

Event Replays (2)

QRadar - Securing the Cloud

Browse this category (2)

Or select by type:

Video Courses (2)

QRadar Incident Forensics

Browse this category (1)

Or select by type:

Video Courses (1)

QRadar Vulnerability Manager

Browse this category (9)

Or select by type:

Training roadmaps (1)

Hands-on Labs (1)

Video Courses (7)

QRadar on the IBM Security App Exchange

Browse this category (9)

Or select by type:

Video Courses (9)

IBM QRadar Videos: How Do I...

Browse this category (56)

Or select by type:

Training roadmaps (1)

Video Courses (55)