QRadar Security Intelligence
The IBM QRadar Security Intelligence Platform provides a unified architecture of integrated functions with a single Security Operations Center user interface. Capabilities presented include detection and response to attacks, security analytics, threat hunting, incident response, and threat intelligence with network and endpoint protection.
- QRadar SIEM
- QRadar on Cloud
- QRadar Network Insights
- User Behavior Analytics
- QRadar Advisor with Watson
- QRadar DNS Analyzer
- System Integrations
- QRadar - Securing the Cloud
- QRadar Incident Forensics
- QRadar Vulnerability Manager
- How Do I videos
QRadar Security Intelligence Roadmaps:
Getting started with QRadar
The total time required to complete this roadmap is 13h 21m.
This roadmap outlines fundamental courses that are intended for someone new to IBM QRadar. These courses describe the architecture, explain deployment options, review the installation, and help you to deploy and understand licensing. This roadmap also introduces the configuration of key product features such as network hierarchy, assets, user management, log sources, flows, rules, and offenses. Finally, it shows you how to use QRadar to analyze offenses and create reports, and it emphasizes the tuning aspects of the solution. You are also encouraged to explore the other QRadar roadmaps that focus on different QRadar user roles.
Navigating QRadar on the Security Learning Academy
Review the following course to navigate QRadar Security Intelligence on the IBM Security Learning Academy.
Roadmap category: Planning and installing
Review the following courses to learn about the QRadar component and deployment architecture, installation process, and licensing:
QRadar Planning and Installation Guide
QRadar Deployment Architecture
Using QRadar SIEM License Management
Roadmap category: Configuring
Use the following courses to learn about key QRadar features and configuration tasks:
QRadar foundations - Assets
QRadar foundations - Network Hierarchy
QRadar foundations - Events
Introducing QRadar Flows
QRadar flow analysis and investigations
QRadar foundations - Rules and Offenses
QRadar foundations - user management
Log source concepts - protocols and Device Support Modules
QRadar Log Source Protocols - Open Mic
Roadmap category: Investigating and reporting
Use the courses in this category to learn about QRadar Rules and Offenses, which help to detect IT security issues in your organization. These courses show how to use searches and analyze potential incidents.
QRadar SIEM Investigation - Working with Offenses
Experience Center - Demonstration of Threat Simulator use cases
Using IBM QRadar SIEM
Creating reports in QRadar SIEM
Roadmap category: Tuning for investigation
There are many aspects to tuning your QRadar configuration. The courses in this group introduce you to some basic tuning tasks to improve your investigations.
How to update the QRadar network hierarchy to prevent false positive offenses
Local versus global rules in QRadar SIEM
Overview of Building Blocks in QRadar SIEM