QRadar Advisor with Watson
QRadar Advisor with Watson Courses:
In this lab, you learn how to configure and use the QRadar Advisor with Watson app in a QRadar offense investigation. You can download QRadar Advisor with Watson from the IBM Security App Exchange, but you must have a valid subscription to configure and
run the app. In this lab, you can use the app without activating your paid subscription or enrolling in a 30-day free trial. You learn to use regular expressions to extract QRadar custom properties and configure reference sets, rules, network hierarchy,
and assets. The lab also walks you through the investigation process and you learn how to interpret QRadar Advisor knowledge graphs.
The lab provides an overview of the Cyber Adversary Framework Mapping Application. This app is used to map your custom rules to MITRE ATT&CK tactics and override the IBM default rule mappings.