Security Intelligence Courses (10):

NEW

This course focuses on two conceptual log source components: protocols, which ingest event data into the QRadar ecosystem, and Device Support Modules, which act on this ingested data. You will learn about the roles of these components and how they are aligned in the event pipeline.

NEW

You can back up and recover IBM® Security QRadar® configuration information and data by using the backup and recovery feature to back up your event and flow data.

NEW

Importing a backup archive is useful if you want to restore a backup archive that was created on another IBM Security QRadar host.

NEW

By default, IBM® Security QRadar® creates a backup archive of your configuration information daily at midnight. The backup archive includes your configuration information, data, or both from the previous day. You can customize this nightly backup and create an on-demand configuration backup, as required.

NEW

By default, IBM® Security QRadar® creates a backup archive of your configuration information daily at midnight. The backup archive includes your configuration information, data, or both from the previous day. You can customize this nightly backup and create an on-demand configuration backup, as required.

NEW

Similar to the if-then statement in programming languages, custom rules consist of a boolean operation and statements. If the QRadar custom rule engine (CRE) evaluates the boolean operation to true, then the CRE performs the configured rule actions and rule responses. This course addresses the following rule actions:

  • Changing severity, credibility and relevance of the event or flow
  • Adding the event or flow to an offense
  • Annotating the event or flow
  • Dropping the event or flow by rule action and routing rule

NEW

Managing log sources is one of the everyday challenges in QRadar administration, and it can be quite time-consuming. The Log Source Management App can help you perform these tasks more efficiently. This video course shows the features of version 3.0 of this app.

The course objectives are:

  • Searching, filtering, and sorting capabilities
  • Bulk editing
  • Bulk deleting
  • Adding new log sources using CSV file upload

NEW

Attackers can't hide on your network with IBM QRadar Network Insights. Security teams are flooded with security log activity every day, but inspecting those logs does not always generate the level of insight required to detect modern threats. They are eager to find additional methods to provide more accurate threat detection.

In this video, an attacker infiltrates and takes over a victim's computer by exploiting a phishing attack with a malicious attachment.

QRadar Network Insights analyzes network data in real time to uncover the attacker’s footprint and expose the hidden security threats in this scenario.

NEW

The IBM QRadar Network Insights appliance can provide detailed analysis of network flows to extend the threat detection capabilities of IBM QRadar. This video demonstrates how to add an already installed QNI appliance into a QRadar deployment and how to deploy the license key.

NEW

Determining the rules that triggered can provide valuable insight into your IT environment and guide you for further rule development and improvement. In this course, you learn how to gain different perspectives on matching rules.

  • Sorting rules by their contributions to offenses
  • Grouping dispatched events by event name
  • Grouping events by rules that triggered for them
  • Grouping flows by rules that triggered for them
  • Filtering by rules that triggered