Advanced operations and threat analysis training with IBM QRadar SIEM v7.3

This training deepens your skills in advanced security incident analysis with IBM QRadar SIEM, addressing a variety of complex topics to optimize and get the most out of this platform.

During the course we will analyze different use cases based on real-world scenarios, applying anomaly detection rules and different correlation methodologies to detect persistent threats (APTs), suspicious behaviors and violations of the organization’s security policies. You will also learn how to integrate new devices and solutions into QRadar: third-party software, sensors, IoT devices and industrial cybersecurity (OT) tools.

Audience

The advanced-level course is aimed at cybersecurity analysts with at least three years of experience in SIEM solutions, whether QRadar, ArcSight or Splunk, and a minimum of 1 year of experience with IBM QRadar performing SOC analyst tasks at level 2 or higher. We recommend that students who do not meet these requirements first take our operations and administration courses.

Agenda

  • Implementing IBM QRadar SIEM best practices
  • Managing data structures such as Reference Maps, Sets & Tables for complex threat detection
  • Integrating devices, applications and sensors into IBM QRadar SIEM from scratch
  • Detection of potential threats based on user behaviour
  • Configuring automated responses and scripting integration with third-party APIs
  • Analysis of patterns and anomalies in the network
  • Multi-tenant environments. Adapting rules for multi-client deployments.
  • Platform Expansion: Incident Forensics, Network Insights, Vulnerability Manager, Watson Advisor
  • 1h of consultancy at no additional cost

Duration of the course

Our advanced QRadar course consists of 2 days or 12 hours. The contents and duration of all our trainings can be modified at the request of our customers.

Instructors

All our training is delivered directly by our engineers. Only in this way can we guarantee the highest quality of our courses. We hold all the certifications available in this technology: IBM QRadar Administrator, Analyst and Deployment Professional, for which we have specific trainings.