IBM QRadar SIEM 7.4 Advanced Operations course – BQ204G (Updated)
New training updated to version 7.5.2 for advanced operations and best practices with IBM QRadar SIEM. This course corresponds to IBM codes BQ203 and BQ204 and is revised and enhanced by our experts.
Objectives
This advanced IBM QRadar SIEM course deepens students' skills in the advanced analysis of security incidents, addressing various complex issues in order to optimize the platform and get the most out of it.
During the course we will analyze different use cases based on real-world scenarios, applying anomaly detection rules and different correlation methodologies to detect persistent threats (APTs), suspicious behaviors and violations of the organization’s security policies. You will also learn how to integrate new devices and advanced solutions into QRadar: third-party software, sensors, IoT devices and industrial cybersecurity (OT) tools.
Audience
The advanced QRadar course is aimed at cybersecurity analysts with at least three years of experience in SIEM solutions (QRadar, ArcSight or Splunk) and a minimum of one year of IBM QRadar experience performing tasks at SOC analyst level 2 or higher. We recommend that students who do not meet these requirements first take our operations and administration courses.
Agenda
- Implementing practices in operations with IBM QRadar SIEM
- Managing data structures such as Reference Maps, Sets & Tables for complex threat detection
- Integrating devices, applications and sensors into IBM QRadar SIEM from scratch
- Detection of potential threats based on user behavior
- Configuring automated responses and scripting integration with third-party APIs
- Analysis of patterns and anomalies in the network
- Multi-tenant environments. Adapting rules for multi-client deployments.
- Platform Expansion: Incident Forensics, Network Insights, Vulnerability Manager, Watson Advisor
- 1h of consultancy at no additional cost
- Preparation of official certifications (at no extra cost)
Course length and delivery options
This course runs over three days, from 8:30 am to 4 pm, both in Spain and in Latin America. It can be delivered in person or online through our virtual classroom.
Need help with QRadar? Do you want to try it?
Our added value
Our courses are deeply oriented to the role to be performed. It is not the same for a team of developers to master a technology as it is for the people in charge of deploying and managing the infrastructure.
That is why, beyond commands and tasks, we focus on solving the day-to-day problems that arise in each team. We provide our students with the knowledge, competencies and skills required for each project. In addition, our documentation is based on the latest version of each product.
Do you have questions?
Request a no-obligation meeting with our instructor. We will introduce you to the course and show you the materials and the labs.