Course Catalog

The exercise in this lab demonstrates how you can use QRadar Network Insights to detect suspicious and malicious traffic. The exercise reflects the timeline of the attack and how it is detected in QRadar.

With Kaspersky Threat Feed App for IBM Security QRadar, log files indexed by your QRadar instance are correlated with Kaspersky Threat Intelligence Data Feeds to detect malicious activity on your enterprise network. You get the real-time awareness needed for highlighting risks and implications associated with security breaches, as well as effectively mitigating cyber threats and defending against attacks even before they are launched.

The IBM Security QRadar Network Threat Analytics application provides insights into your network traffic enabling your security team to investigate outlier behavior on the network. QRadar Network Threat Analytics leverages network traffic information from QRadar, including deep visibility from QRadar Network Insights, to profile and monitor activity in the environment.

In this video, you get an initial overview of the app's capability.

Learn about how the architecture of IBM Security QRadar on Cloud differs from other QRadar deployments. Learn about the roles of Data Gateways and Disconnected Log Collectors in the QRoC architecture. Learn about using the QRoC Self Serve app to perform administrative tasks. Learn how to log in to QRoC. Learn about the benefits of QRoc. Finally, learn about the differences between QRoC and other QRadar deployments.

Learn how to perform a variety of administrative tasks in the IBM Security QRadar on Cloud Self Serve app.  Add users, review your deployment information, and create tokens for gateways and services.

Learn how to install a Data Gateway for your IBM Security QRadar on Cloud instance.  Also, learn how to troubleshoot common issues when you connect your Data Gateway to QRadar on Cloud.