IBM Security Learning Services

User Behavior Analytics (UBA)

Roadmaps
Courses

Click roadmap title to expand/collapse roadmap

Getting Started with QRadar User Behavior Analytics

This roadmap outlines fundamental courses intended for someone who works with IBM QRadar User Behavior Analytics (UBA). These courses describe UBA architecture, review installation, and help you to deploy and use the UBA application.

Overview

Review the following courses to learn about UBA concepts and architecture, and become familiar with the user interface.

QRadar User Behavior Analytics (UBA) architecture and overview

NEW

Foundational

QRadar User Behavior Analytics Open Mic

Intermediate

Setup

Study the following courses to become familiar with the UBA installation and how to start using the application.

QRadar User Behavior Analytics (UBA) setup

Foundational

UBA Tuning

Intermediate

QRadar UBA - multitenant environment setup

NEW

Intermediate

Investigation

In the following courses you learn about various use cases and how a Security Analyst can use UBA for user behavior investigations.

User Behavior Analytics (UBA) - Customizing the Rules

Advanced

An overview to detecting and investigating insider threats with QRadar User Behavior Analytics

Foundational

User Behavior Analytics (UBA) - Use cases

Intermediate

Investigating user behavior with QRadar Security Intelligence

Intermediate

Investigating user behavior with QRadar Security Intelligence

In this lab, you learn how to use the User Behavior Analytics for QRadar (UBA) application to detect anomalous or malicious behavior. The lab comes with UBA already installed and configured. You learn to use the QRadar UBA Dashboard and how the application can help you detect malicious user behavior. The lab also walks you through the investigation process and demonstrates the integration with QRadar Advisor with Watson. The QRadar Advisor with Watson app is also already installed and configured in the lab. To learn more about QRadar Advisor with Watson, visit the dedicated section in the Security Learning Academy, where you can run the lab that is focused on QRadar Advisor with Watson. Finally, the lab walks you through tuning the rules for user risky behavior by configuring the senseValue parameter.

1h Intermediate